10 matches found
EUVD-2022-6517
Malicious code in bioql PyPI...
EUVD-2022-6584
Malicious code in bioql PyPI...
CVE-2022-25903
The package opcua from 0.0.0 are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed...
CVE-2022-24375 Denial of Service (DoS)
The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False...
CVE-2022-25903 Denial of Service (DoS)
The package opcua from 0.0.0 are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed...
CVE-2022-25903
The package opcua from 0.0.0 are vulnerable to Denial of Service DoS via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed...
aristote-malo (=1.9.5), biobridge (>=0.1.0 <=0.2.5) +25 more potentially affected by CVE-2022-25304 via opcua (=0.98.13)
opcua PYPI version =0.98.13 is affected by a known vulnerability. The following packages have a transitive dependency on opcua and may be impacted: - aristote-malo =1.9.5 - biobridge =0.1.0, =5.1.0, =1.4.1b1, =0.7.0b1, =0.3.3, =0.1.0, =0.1.2.post1 - opc-full-connect =0.1.0 and more Source cves:...
CVE-2022-21208
The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB...
Code injection
The package opcua from 0.0.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB each...
UBUNTU-CVE-2022-25304
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...