Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core

Description

A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to trigger a stack overflow exception in a server that exposes an HTTPS endpoint.

Basic information

Type
reviewed
Severity
high
Advisory on GitHub
Open advisory ↗
Repository advisory
Open repository advisory ↗
Source code
Browse source ↗
Published (advisory)
2022-06-17 21:44:23 UTC
Updated
2023-01-30 05:01:39 UTC
GitHub reviewed
2022-06-17 21:44:23 UTC
NVD published
2022-06-16

EPSS Score

Score Percentile
0.80% 73.52%

CVSS Scores

No CVSS scores in this advisory.

Identifiers

CWEs

CWE id Name
CWE-400 Uncontrolled Resource Consumption

Credits

  • mregen (analyst)

Affected packages (1)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
nuget OPCFoundation.NetStandard.Opc.Ua.Core <= 1.4.368.53 1.4.368.58

References

cvelogic Threat Intelligence