Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/08/24 12:0 a.m.7 views

@actyx-contrib/actyx-tutorial-simulator (=0.1.0), @adaptier/opcua-browser (>=1.0.0 <=1.0.1) +112 more potentially affected by CVE-2022-21208 via node-opcua (>=0.0.49 <=2.73.1)

node-opcua NPM version =0.0.49, =1.0.0, =1.0.0, =0.1.6, =1.0.2, =1.1.19, =1.3.2-alpha.36, =1.4.15-alpha.218, =1.4.15-alpha.66, =1.4.15-alpha.183, =1.4.15-alpha.61, =1.3.6-alpha.36, =1.4.15-alpha.65 and more Source cves: CVE-2022-21208 Source advisory: OSV:GHSA-4HR4-PJJH-2Q2W...

7.5CVSS7AI score0.01167EPSS
Exploits0
CVE
CVE
added 2022/08/23 5:6 a.m.65 views

CVE-2022-21208

CVE-2022-21208 affects the NodeOPCUA library. The vulnerability is a DoS caused by a missing limit on the number of received chunks per session or across all concurrent sessions, allowing an attacker to send an unlimited number of huge chunks (e.g., 2 GB each) without the Final closing chunk. Aff...

7.5CVSS7.5AI score0.01167EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/08/23 5:6 a.m.27 views

CVE-2022-21208 Denial of Service (DoS)

The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB...

7.5CVSS7.7AI score0.01167EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2022/08/22 11:15 a.m.7 views

@actyx-contrib/actyx-tutorial-simulator (=0.1.0), @adaptier/opcua-browser (>=1.0.0 <=1.0.1) +96 more potentially affected by CVE-2022-21208 via node-opcua (>=2.100.0 <=2.73.1)

node-opcua NPM version =2.100.0, =1.0.0, =1.0.0, =0.1.6, =1.0.2, =1.1.19, =1.3.2-alpha.36, =1.4.15-alpha.218, =1.4.15-alpha.66, =1.4.15-alpha.183, =1.4.15-alpha.61, =1.3.6-alpha.36, =1.4.15-alpha.65 and more Source cves: CVE-2022-21208 Source advisory: SNYK:JS-NODEOPCUA-2988723...

7.5CVSS7AI score0.01167EPSS
Exploits0
Rows per page
Query Builder