Vulnerabilities > Node Opcua Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-24 | CVE-2022-24375 | Resource Exhaustion vulnerability in Node-Opcua Project Node-Opcua The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. | 7.5 |
2022-08-23 | CVE-2022-21208 | Improper Validation of Specified Quantity in Input vulnerability in Node-Opcua Project Node-Opcua The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. | 7.5 |
2022-08-23 | CVE-2022-25231 | Allocation of Resources Without Limits or Throttling vulnerability in Node-Opcua Project Node-Opcua The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8’s memory limit. | 7.5 |