Search for packages
| purl | pkg:nuget/OPCFoundation.NetStandard.Opc.Ua@1.4.365.10 |
| Next non-vulnerable version | 1.5.374.118 |
| Latest non-vulnerable version | 1.5.374.158 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-53xw-2jd2-pugg
Aliases: CVE-2024-45526 GHSA-7vfh-cqpc-4267 |
Security Update for the OPC UA .NET Standard Stack This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to trigger a gradual degradation in performance. |
Affected by 0 other vulnerabilities. |
|
VCID-9sgb-7afy-dbgm
Aliases: CVE-2022-29862 GHSA-5q2v-6j86-5h9v |
Security Update for the OPC UA .NET Standard Stack A vulnerability was discovered in OPC UA .NET Standard Stack that allows a malicious client or server to cause a peer to hang with a carefully crafted message sent during secure channel creation. |
Affected by 3 other vulnerabilities. |
|
VCID-a85p-s3vr-w3ht
Aliases: CVE-2022-29863 GHSA-r7pq-3x6p-7jcm |
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to cause a server to trigger an out of memory exception with a carefully crafted message. |
Affected by 3 other vulnerabilities. |
|
VCID-c3w3-gqx4-67cd
Aliases: CVE-2022-29864 GHSA-vhfw-v69p-crcw |
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to cause a server to trigger an out of memory exception by sending a large number of message chunks. |
Affected by 3 other vulnerabilities. |
|
VCID-pmtm-p8gm-xkcp
Aliases: GHSA-qm9f-c3v9-wphv |
Security Update for the OPC UA .NET Standard Stack This security update resolves a vulnerability in the OPC UA .NET Standard Stack that enables an unauthorized attacker to trigger a rapid increase in memory consumption. |
Affected by 1 other vulnerability. |
|
VCID-wbtc-7rp8-1qbq
Aliases: CVE-2023-31048 GHSA-4cvp-hr63-822j |
Exposure of Sensitive Information in OPC UA .NET Standard Reference Server This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows remote attackers to send malicious requests that expose sensitive information. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf |
Affected by 2 other vulnerabilities. |
|
VCID-x8yt-gmev-vqgb
Aliases: CVE-2021-27432 |
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. |
Affected by 8 other vulnerabilities. |
|
VCID-yfz2-kug9-hkcy
Aliases: CVE-2022-29865 GHSA-fvxf-r9fw-49pc |
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that - allows a malicious client or server to bypass the application authentication mechanism - and allow a connection to an untrusted peer. |
Affected by 3 other vulnerabilities. |
|
VCID-yvwx-dkjv-5uag
Aliases: CVE-2022-29866 GHSA-6fp8-cxc9-4fr9 |
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to trigger a stack overflow exception in a server that exposes an HTTPS endpoint. |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-df2w-9vh6-4feu | Improper Certificate Validation A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection. |
CVE-2020-29457
GHSA-mjww-934m-h4jw |