UBUNTU-CVE-2023-26151

Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service DoS such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory...

UBUNTU-CVE-2023-26150

Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...

Loop with Unreachable Exit Condition ('Infinite Loop')

Overview Affected versions of this package are vulnerable to Loop with Unreachable Exit Condition 'Infinite Loop' such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory. Note: When the attack is performed, no oth...

GHSA-MFPJ-3QHM-976M Uncontrolled Resource Consumption in asyncua and opcua

All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...

PT-2022-4448 · Opcua +2 · Opcua +2

Name of the Vulnerable Software and Affected Versions: opcua versions all asyncua versions all Description: The issue is related to an uncontrolled consumption of resources in the opcua and asyncua libraries. This can be exploited by a remote attacker to cause a denial of service. The vulnerabili...