logo

Database

Lack of data validation In opcfoundation.netstandard.opc.ua.core

Description

Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to cause a server to trigger an out of memory exception with a carefully crafted message.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-298632. NVD-2022-298633. OSV-2022-298634. GHSA-r7pq-3x6p-7jcm5. GCVE-2022-298636. GHSA-r7pq-3x6p-7jcm7. files.opcfoundation.org

References

1. https://github.com/OPCFoundation/UA-.NETStandard/security/advisories/GHSA-r7pq-3x6p-7jcm2. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-29863.pdf

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.