NuGet package
opcfoundation.netstandard.opc.ua.core
pkg:nuget/opcfoundation.netstandard.opc.ua.core
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42512 | — | < 1.5.374.158 | 1.5.374.158 | Feb 10, 2025 | Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. | ||
| CVE-2024-45526 | Med | 5.3 | < 1.5.374.118 | 1.5.374.118 | Oct 22, 2024 | An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually. | |
| CVE-2024-33862 | Hig | 7.5 | < 1.5.374.54 | 1.5.374.54 | Jul 5, 2024 | A buffer-management vulnerability in OPC Foundation OPCFoundation.NetStandard.Opc.Ua.Core before 1.05.374.54 could allow remote attackers to exhaust memory resources. It is triggered when the system receives an excessive number of messages from a remote source. This could potenti | |
| CVE-2023-31048 | — | < 1.4.371.86 | 1.4.371.86 | Dec 12, 2023 | The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely. | ||
| CVE-2022-29866 | — | < 1.4.368.58 | 1.4.368.58 | Jun 16, 2022 | OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption. | ||
| CVE-2022-29863 | — | < 1.4.368.58 | 1.4.368.58 | Jun 16, 2022 | OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation. | ||
| CVE-2022-29864 | — | < 1.4.368.58 | 1.4.368.58 | Jun 16, 2022 | OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption. | ||
| CVE-2022-29862 | — | < 1.4.368.58 | 1.4.368.58 | Jun 16, 2022 | An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message. | ||
| CVE-2022-29865 | — | < 1.4.368.58 | 1.4.368.58 | Jun 16, 2022 | OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials. | ||
| CVE-2020-29457 | — | < 1.4.365.10 | 1.4.365.10 | Feb 16, 2021 | A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection. |
- CVE-2024-42512Feb 10, 2025affected < 1.5.374.158fixed 1.5.374.158
Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled.
- affected < 1.5.374.118fixed 1.5.374.118
An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually.
- affected < 1.5.374.54fixed 1.5.374.54
A buffer-management vulnerability in OPC Foundation OPCFoundation.NetStandard.Opc.Ua.Core before 1.05.374.54 could allow remote attackers to exhaust memory resources. It is triggered when the system receives an excessive number of messages from a remote source. This could potenti
- CVE-2023-31048Dec 12, 2023affected < 1.4.371.86fixed 1.4.371.86
The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely.
- CVE-2022-29866Jun 16, 2022affected < 1.4.368.58fixed 1.4.368.58
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption.
- CVE-2022-29863Jun 16, 2022affected < 1.4.368.58fixed 1.4.368.58
OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation.
- CVE-2022-29864Jun 16, 2022affected < 1.4.368.58fixed 1.4.368.58
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.
- CVE-2022-29862Jun 16, 2022affected < 1.4.368.58fixed 1.4.368.58
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.
- CVE-2022-29865Jun 16, 2022affected < 1.4.368.58fixed 1.4.368.58
OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials.
- CVE-2020-29457Feb 16, 2021affected < 1.4.365.10fixed 1.4.365.10
A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection.