Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/08/24 12:0 a.m.6 views

@actyx-contrib/actyx-tutorial-simulator (=0.1.0), @adaptier/opcua-browser (>=1.0.0 <=1.0.1) +112 more potentially affected by CVE-2022-25231 via node-opcua (>=0.0.49 <=2.73.1)

node-opcua NPM version =0.0.49, =1.0.0, =1.0.0, =0.1.6, =1.0.2, =1.1.19, =1.3.2-alpha.36, =1.4.15-alpha.218, =1.4.15-alpha.66, =1.4.15-alpha.183, =1.4.15-alpha.61, =1.3.6-alpha.36, =1.4.15-alpha.65 and more Source cves: CVE-2022-25231 Source advisory: OSV:GHSA-QPGC-XH7J-52Q8...

7.5CVSS7AI score0.0103EPSS
Exploits0
Cvelist
Cvelist
added 2022/08/23 5:5 a.m.18 views

CVE-2022-25231 Denial of Service (DoS)

The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8’s memory limit...

7.5CVSS7.6AI score0.0103EPSS
Exploits0References3
OSV
OSV
added 2022/08/23 5:5 a.m.11 views

CVE-2022-25231 Denial of Service (DoS)

The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8’s memory limit...

7.5CVSS7.1AI score0.0103EPSS
Exploits0References5
CVE
CVE
added 2022/08/23 5:5 a.m.48 views

CVE-2022-25231

CVE-2022-25231 affects node-opcua before 2.74.0. A crafted OPC UA message with a specific NodeID can trigger memory-allocation-induced DoS when v8 memory limits are exceeded, impacting availability. Mitigation: upgrade to node-opcua 2.74.0 or later (remediation consistently recommended across OSV...

7.5CVSS7.4AI score0.0103EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder