GHSA-MFPJ-3QHM-976M Uncontrolled Resource Consumption in asyncua and opcua

All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...

CVE-2022-25888

The package opcua from 0.0.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB each...

PT-2022-4448 · Opcua +2 · Opcua +2

Name of the Vulnerable Software and Affected Versions: opcua versions all asyncua versions all Description: The issue is related to an uncontrolled consumption of resources in the opcua and asyncua libraries. This can be exploited by a remote attacker to cause a denial of service. The vulnerabili...

Denial of Service (DoS)

Overview opcua is an OPC UA server / client API implementation for Rust. Affected versions of this package are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message siz...