19 matches found
EUVD-2022-6584
Malicious code in bioql PyPI...
EUVD-2022-6479
Malicious code in bioql PyPI...
netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service...
CVE-2022-25888
The package opcua from 0.0.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB each...
DEBIAN-CVE-2022-25304
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...
CVE-2022-25304
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...
UBUNTU-CVE-2022-25304
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...
CVE-2022-21208 Denial of Service (DoS)
The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB...
CVE-2022-25304
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited numb...
CVE-2022-21208
The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB...
CVE-2022-25761
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an...
CVE-2022-25888
The package opcua from 0.0.0 are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g. 2GB each...
CVE-2022-24381
All versions of package asneg/opcuastack are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e.g...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e....
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e....
Denial of Service (DoS)
Overview node-opcua is an implementation of a OPC UA stack fully written in javascript and nodejs Affected versions of this package are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks e....
PT-2022-4443 · Unknown · Node-Opcua
Name of the Vulnerable Software and Affected Versions: node-opcua versions prior to 2.74.0 Description: The issue is related to a missing limitation on the number of received chunks per single session or in total for all concurrent sessions, which can lead to a Denial of Service DoS. An attacker...
netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service...