GHSA-vpf7-r2fv-75m9

Source

https://github.com/advisories/GHSA-vpf7-r2fv-75m9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-vpf7-r2fv-75m9/GHSA-vpf7-r2fv-75m9.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-vpf7-r2fv-75m9

Aliases

CVE-2023-27321

Published

2023-05-05T02:19:39Z

Modified

2024-05-08T14:00:59.293640Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server

Details

This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows remote attackers to send malicious requests that consume all memory available to the server.

https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf

Database specific

{
    "nvd_published_at": "2024-05-07T23:15:15Z",
    "severity": "HIGH",
    "github_reviewed_at": "2023-05-05T02:19:39Z",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-400"
    ]
}

References

Affected packages

NuGet / OPCFoundation.NetStandard.Opc.Ua.Server

Package

Name: OPCFoundation.NetStandard.Opc.Ua.Server; View open source insights on deps.dev
Purl: pkg:nuget/OPCFoundation.NetStandard.Opc.Ua.Server

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.371.86

Affected versions

1.*

1.4.363.104-preview

1.4.363.107

1.4.364.40

1.4.365-gfc341ee8c5

1.4.365.1-preview

1.4.365.2

1.4.365.10

1.4.365.23

1.4.365.48

1.4.366.31-preview

1.4.366.38

1.4.367.39

1.4.367.41

1.4.367.42

1.4.367.64-preview

1.4.367.75

1.4.367.95

1.4.367.100

1.4.368.27-preview

1.4.368.33

1.4.368.52-preview

1.4.368.53

1.4.368.58

1.4.369.30

1.4.370.1

1.4.370.9

1.4.370.12

1.4.371.41

1.4.371.50

1.4.371.60