Headline
GHSA-hgxq-hcrm-c5pm: opcua Vulnerable to Out-of-bounds Write
The package opcua from 0.0.0 until 0.11.0 is vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed.
opcua Vulnerable to Out-of-bounds Write
High severity GitHub Reviewed Published Aug 25, 2022 • Updated Sep 1, 2022
Related news
CVE-2022-25903: Snyk Vulnerability Database | Snyk
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed.