admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-08-23 06:00:37 +00:00
parent 37b26cc597
commit 55486ab97e
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 74 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
2022/21xxx/CVE-2022-21208.json
View File

@ -48,20 +48,24 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988723"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988723",
"name": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988723"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/commit/33ca3bab4ab781392a2f8d8f5a14de9a0aa0e410"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/commit/33ca3bab4ab781392a2f8d8f5a14de9a0aa0e410",
"name": "https://github.com/node-opcua/node-opcua/commit/33ca3bab4ab781392a2f8d8f5a14de9a0aa0e410"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/commit/dbcb5d5191118c22ee9c89332a94b94e6553d76b"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/commit/dbcb5d5191118c22ee9c89332a94b94e6553d76b",
"name": "https://github.com/node-opcua/node-opcua/commit/dbcb5d5191118c22ee9c89332a94b94e6553d76b"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/pull/1149"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/pull/1149",
"name": "https://github.com/node-opcua/node-opcua/pull/1149"
}
]
},
@ -69,7 +73,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.\r\n\r\nAn attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk.\n"
"value": "The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk."
}
]
},

12
2022/24xxx/CVE-2022-24298.json
View File

@ -48,12 +48,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-FREEOPCUAFREEOPCUA-2988720"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-FREEOPCUAFREEOPCUA-2988720",
"name": "https://security.snyk.io/vuln/SNYK-UNMANAGED-FREEOPCUAFREEOPCUA-2988720"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/FreeOpcUa/freeopcua/issues/391"
"refsource": "MISC",
"url": "https://github.com/FreeOpcUa/freeopcua/issues/391",
"name": "https://github.com/FreeOpcUa/freeopcua/issues/391"
}
]
},
@ -61,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.\n"
"value": "All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False."
}
]
},

7
2022/24xxx/CVE-2022-24381.json
View File

@ -48,8 +48,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-ASNEGOPCUASTACK-2988735"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-ASNEGOPCUASTACK-2988735",
"name": "https://security.snyk.io/vuln/SNYK-UNMANAGED-ASNEGOPCUASTACK-2988735"
}
]
},
@ -57,7 +58,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.\r\n\r\nAn attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk.\n"
"value": "All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk."
}
]
},

17
2022/25xxx/CVE-2022-25231.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988724"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988724",
"name": "https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988724"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f",
"name": "https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/node-opcua/node-opcua/pull/1182"
"refsource": "MISC",
"url": "https://github.com/node-opcua/node-opcua/pull/1182",
"name": "https://github.com/node-opcua/node-opcua/pull/1182"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8\u2019s memory limit.\n"
"value": "The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8\u2019s memory limit."
}
]
},

7
2022/25xxx/CVE-2022-25302.json
View File

@ -48,8 +48,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-ASNEGOPCUASTACK-2988732"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-ASNEGOPCUASTACK-2988732",
"name": "https://security.snyk.io/vuln/SNYK-UNMANAGED-ASNEGOPCUASTACK-2988732"
}
]
},
@ -57,7 +58,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing handler for failed casting when unvalidated data is forwarded to boost::get function in OpcUaNodeIdBase.h. \r\nExploiting this vulnerability is possible when sending a specifically crafted OPC UA message with a special encoded NodeId.\n"
"value": "All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing handler for failed casting when unvalidated data is forwarded to boost::get function in OpcUaNodeIdBase.h. Exploiting this vulnerability is possible when sending a specifically crafted OPC UA message with a special encoded NodeId."
}
]
},

17
2022/25xxx/CVE-2022-25304.json
View File

@ -66,16 +66,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-PYTHON-OPCUA-2988730"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-PYTHON-OPCUA-2988730",
"name": "https://security.snyk.io/vuln/SNYK-PYTHON-OPCUA-2988730"
},
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-PYTHON-ASYNCUA-2988731"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-PYTHON-ASYNCUA-2988731",
"name": "https://security.snyk.io/vuln/SNYK-PYTHON-ASYNCUA-2988731"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/FreeOpcUa/python-opcua/issues/1466"
"refsource": "MISC",
"url": "https://github.com/FreeOpcUa/python-opcua/issues/1466",
"name": "https://github.com/FreeOpcUa/python-opcua/issues/1466"
}
]
},
@ -83,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.\r\n\r\nAn attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk.\n"
"value": "All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk."
}
]
},

27
2022/25xxx/CVE-2022-25761.json
View File

@ -56,24 +56,29 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-OPEN62541OPEN62541-2988719"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-UNMANAGED-OPEN62541OPEN62541-2988719",
"name": "https://security.snyk.io/vuln/SNYK-UNMANAGED-OPEN62541OPEN62541-2988719"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/open62541/open62541/commit/b79db1ac78146fc06b0b8435773d3967de2d659c"
"refsource": "MISC",
"url": "https://github.com/open62541/open62541/commit/b79db1ac78146fc06b0b8435773d3967de2d659c",
"name": "https://github.com/open62541/open62541/commit/b79db1ac78146fc06b0b8435773d3967de2d659c"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/open62541/open62541/pull/5173"
"refsource": "MISC",
"url": "https://github.com/open62541/open62541/pull/5173",
"name": "https://github.com/open62541/open62541/pull/5173"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/open62541/open62541/releases/tag/v1.2.5"
"refsource": "MISC",
"url": "https://github.com/open62541/open62541/releases/tag/v1.2.5",
"name": "https://github.com/open62541/open62541/releases/tag/v1.2.5"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/open62541/open62541/releases/tag/v1.3.1"
"refsource": "MISC",
"url": "https://github.com/open62541/open62541/releases/tag/v1.3.1",
"name": "https://github.com/open62541/open62541/releases/tag/v1.3.1"
}
]
},
@ -81,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.\r\n\r\nAn attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk.\n"
"value": "The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk."
}
]
},

17
2022/25xxx/CVE-2022-25888.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-RUST-OPCUA-2988751"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-RUST-OPCUA-2988751",
"name": "https://security.snyk.io/vuln/SNYK-RUST-OPCUA-2988751"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/locka99/opcua/pull/216"
"refsource": "MISC",
"url": "https://github.com/locka99/opcua/pull/216",
"name": "https://github.com/locka99/opcua/pull/216"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/locka99/opcua/pull/216/commits/6fb683c5fec46c6dd347824491c4d93a229da695"
"refsource": "MISC",
"url": "https://github.com/locka99/opcua/pull/216/commits/6fb683c5fec46c6dd347824491c4d93a229da695",
"name": "https://github.com/locka99/opcua/pull/216/commits/6fb683c5fec46c6dd347824491c4d93a229da695"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.\r\n\r\nAn attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk.\n"
"value": "The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions. An attacker can exploit this vulnerability by sending an unlimited number of huge chunks (e.g. 2GB each) without sending the Final closing chunk."
}
]
},