Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/08/25 12:0 a.m.8 views

@actyx-contrib/actyx-tutorial-simulator (=0.1.0), @adaptier/opcua-browser (>=1.0.0 <=1.0.1) +112 more potentially affected by CVE-2022-24375 via node-opcua (>=0.0.49 <=2.73.1)

node-opcua NPM version =0.0.49, =1.0.0, =1.0.0, =0.1.6, =1.0.2, =1.1.19, =1.3.2-alpha.36, =1.4.15-alpha.218, =1.4.15-alpha.66, =1.4.15-alpha.183, =1.4.15-alpha.61, =1.3.6-alpha.36, =1.4.15-alpha.65 and more Source cves: CVE-2022-24375 Source advisory: OSV:GHSA-VH4F-FGPP-X8X2...

7.5CVSS7AI score0.01248EPSS
Exploits0
Circl
Circl
added 2022/08/24 12:22 p.m.5 views

CVE-2022-24375

creationtimestamp| type| source ---|---|--- 2022-08-24 12:22:23+00:00| seen| https://t.me/cibsecurity/48629...

7.5CVSS7.1AI score0.01248EPSS
Exploits0References1
OSV
OSV
added 2022/08/24 5:5 a.m.9 views

CVE-2022-24375 Denial of Service (DoS)

The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False...

7.5CVSS7.1AI score0.01248EPSS
Exploits0References6
CVE
CVE
added 2022/08/24 5:5 a.m.88 views

CVE-2022-24375

The CVE-2022-24375, observed in the node-opcua package, is a DoS vulnerability that occurs when an attacker bypasses memory-consumption limits by sending multiple CloseSession requests with deleteSubscription set to False. Affected are versions prior to 2.74.0. The root cause is improper resource...

7.5CVSS7.5AI score0.01248EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder