Skip to content

Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core

High severity GitHub Reviewed Published Jun 15, 2022 in OPCFoundation/UA-.NETStandard • Updated Jan 30, 2023

Package

nuget OPCFoundation.NetStandard.Opc.Ua.Core (NuGet)

Affected versions

<= 1.4.368.53

Patched versions

1.4.368.58

Description

A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to trigger a stack overflow exception in a server that exposes an HTTPS endpoint.

References

Published by the National Vulnerability Database Jun 16, 2022
Published to the GitHub Advisory Database Jun 17, 2022
Reviewed Jun 17, 2022
Last updated Jan 30, 2023

Severity

High

EPSS score

1.224%
(85th percentile)

Weaknesses

CVE ID

CVE-2022-29866

GHSA ID

GHSA-6fp8-cxc9-4fr9

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.