3 matches found
CVE-2022-24375
CVE-2022-24375, observed in the node-opcua package, is a DoS vulnerability that occurs when an attacker bypasses memory-consumption limits by sending multiple CloseSession requests with deleteSubscription set to False. Versions prior to 2.74.0 are affected. The root cause is improper resource...
CVE-2022-21208
CVE-2022-21208 affects the NodeOPCUA library. The vulnerability is a DoS caused by a missing limit on the number of received chunks per session or across all concurrent sessions, allowing an attacker to send an unlimited number of huge chunks (e.g., 2 GB each) without the Final closing chunk. Aff...
CVE-2022-25231
CVE-2022-25231 affects node-opcua before 2.74.0. A crafted OPC UA message with a specific NodeID can trigger memory-allocation-induced DoS when V8 memory limits are exceeded, impacting availability. Mitigation: upgrade to node-opcua 2.74.0 or later (remediation consistently recommended across OSV...