Unrated severityNVD Advisory· Published Aug 23, 2022· Updated Sep 17, 2024
Denial of Service (DoS)
CVE-2022-25302
Description
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing handler for failed casting when unvalidated data is forwarded to boost::get function in OpcUaNodeIdBase.h. Exploiting this vulnerability is possible when sending a specifically crafted OPC UA message with a special encoded NodeId.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)
Patches
Vulnerability mechanics
References
1- security.snyk.io/vuln/SNYK-UNMANAGED-ASNEGOPCUASTACK-2988732mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.