Search for packages
| purl | pkg:nuget/OPCFoundation.NetStandard.Opc.Ua.Core@1.4.365.10 |
| Next non-vulnerable version | 1.5.374.158 |
| Latest non-vulnerable version | 1.5.374.158 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-53xw-2jd2-pugg
Aliases: CVE-2024-45526 GHSA-7vfh-cqpc-4267 |
Security Update for the OPC UA .NET Standard Stack This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to trigger a gradual degradation in performance. |
Affected by 1 other vulnerability. |
|
VCID-9sgb-7afy-dbgm
Aliases: CVE-2022-29862 GHSA-5q2v-6j86-5h9v |
Security Update for the OPC UA .NET Standard Stack A vulnerability was discovered in OPC UA .NET Standard Stack that allows a malicious client or server to cause a peer to hang with a carefully crafted message sent during secure channel creation. |
Affected by 5 other vulnerabilities. |
|
VCID-a85p-s3vr-w3ht
Aliases: CVE-2022-29863 GHSA-r7pq-3x6p-7jcm |
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to cause a server to trigger an out of memory exception with a carefully crafted message. |
Affected by 5 other vulnerabilities. |
|
VCID-c3w3-gqx4-67cd
Aliases: CVE-2022-29864 GHSA-vhfw-v69p-crcw |
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to cause a server to trigger an out of memory exception by sending a large number of message chunks. |
Affected by 5 other vulnerabilities. |
|
VCID-pmtm-p8gm-xkcp
Aliases: GHSA-qm9f-c3v9-wphv |
Security Update for the OPC UA .NET Standard Stack This security update resolves a vulnerability in the OPC UA .NET Standard Stack that enables an unauthorized attacker to trigger a rapid increase in memory consumption. |
Affected by 2 other vulnerabilities. |
|
VCID-ue5w-bjqp-9kfc
Aliases: CVE-2024-42512 GHSA-h958-fxgg-g7w3 |
Security Update for the OPC UA .NET Standard Stack This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. Note that the Basic128Rsa15 is disabled by default so most users will not be affected. When this patch is applied the Server closes all channels using the Basic128Rsa15 if an attack is detected. This introduces a DoS before any compromise can occur which is preferable to a compromise. To prevent this failure, applications must stop using Basic128Rsa15. |
Affected by 0 other vulnerabilities. |
|
VCID-ur54-987z-5ue5
Aliases: CVE-2024-33862 GHSA-4q2p-hwmr-qcxc |
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability A buffer-management vulnerability in OPC Foundation OPCFoundation.NetStandard.Opc.Ua.Core before 1.5.374.54 could allow remote attackers to exhaust memory resources. It is triggered when the system receives an excessive number of messages from a remote source. This could potentially lead to a denial of service (DoS) condition, disrupting the normal operation of the system. |
Affected by 2 other vulnerabilities. |
|
VCID-wbtc-7rp8-1qbq
Aliases: CVE-2023-31048 GHSA-4cvp-hr63-822j |
Exposure of Sensitive Information in OPC UA .NET Standard Reference Server This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows remote attackers to send malicious requests that expose sensitive information. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf |
Affected by 4 other vulnerabilities. |
|
VCID-yfz2-kug9-hkcy
Aliases: CVE-2022-29865 GHSA-fvxf-r9fw-49pc |
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that - allows a malicious client or server to bypass the application authentication mechanism - and allow a connection to an untrusted peer. |
Affected by 5 other vulnerabilities. |
|
VCID-yvwx-dkjv-5uag
Aliases: CVE-2022-29866 GHSA-6fp8-cxc9-4fr9 |
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to trigger a stack overflow exception in a server that exposes an HTTPS endpoint. |
Affected by 5 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-df2w-9vh6-4feu | Improper Certificate Validation A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection. |
CVE-2020-29457
GHSA-mjww-934m-h4jw |