GHSA-vpf7-r2fv-75m9

Source

https://github.com/advisories/GHSA-vpf7-r2fv-75m9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-vpf7-r2fv-75m9/GHSA-vpf7-r2fv-75m9.json

Aliases

CVE-2023-27321

Published

2023-05-05T02:19:39Z

Modified

2023-11-08T04:12:04.174144Z

Details

This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows remote attackers to send malicious requests that consume all memory available to the server.

https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf

References

Affected packages

NuGet / OPCFoundation.NetStandard.Opc.Ua.Server

Package

Name: OPCFoundation.NetStandard.Opc.Ua.Server

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

1.4.371.86

Affected versions

1.*

1.4.363.104-preview

1.4.363.107

1.4.364.40

1.4.365-gfc341ee8c5

1.4.365.1-preview

1.4.365.2

1.4.365.10

1.4.365.23

1.4.365.48

1.4.366.31-preview

1.4.366.38

1.4.367.39

1.4.367.41

1.4.367.42

1.4.367.64-preview

1.4.367.75

1.4.367.95

1.4.367.100

1.4.368.27-preview

1.4.368.33

1.4.368.52-preview

1.4.368.53

1.4.368.58

1.4.369.30

1.4.370.1

1.4.370.9

1.4.370.12

1.4.371.41

1.4.371.50

1.4.371.60