OPCFoundation.NetStandard.Opc.Ua.Core
NuGet9 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting OPCFoundation.NetStandard.Opc.Ua.Corepage 1 of 1
- CVE-2020-29457MEDIUMCVSS 4.4EG 4.4✓ Fixed in 1.4.365.102021-02-16
vulnerable: 0.0.3 ... 1.4.365.2 (25 versions)
A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection.
- CVE-2022-29862HIGHCVSS 7.5EG 7.5✓ Fixed in 1.4.368.582022-06-16
vulnerable: 0.0.3 ... 1.4.368.53 (41 versions)
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.
- CVE-2022-29863HIGHCVSS 7.5EG 7.5✓ Fixed in 1.4.368.582022-06-16
vulnerable: 0.0.3 ... 1.4.368.53 (41 versions)
OPC UA .NET Standard Stack 1.04.368 allows remote attacker to cause a crash via a crafted message that triggers excessive memory allocation.
- CVE-2022-29864HIGHCVSS 7.5EG 7.5✓ Fixed in 1.4.368.582022-06-16
vulnerable: 0.0.3 ... 1.4.368.53 (41 versions)
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.
- CVE-2022-29865HIGHCVSS 7.5EG 7.5✓ Fixed in 1.4.368.582022-06-16
vulnerable: 0.0.3 ... 1.4.368.53 (41 versions)
OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials.
- CVE-2022-29866HIGHCVSS 7.5EG 7.5✓ Fixed in 1.4.368.582022-06-16
vulnerable: 0.0.3 ... 1.4.368.53 (41 versions)
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption.
- CVE-2023-31048MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.4.371.862023-12-12
vulnerable: 0.0.3 ... 1.4.371.60 (49 versions)
The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely.
- CVE-2024-33862HIGHCVSS 7.5EG 7.5✓ Fixed in 1.5.374.542024-07-05
vulnerable: 0.0.3 ... 1.5.374.50-preview (76 versions)
A buffer-management vulnerability in OPC Foundation OPCFoundation.NetStandard.Opc.Ua.Core before 1.05.374.54 could allow remote attackers to exhaust memory resources. It is triggered when the system receives an excessive number of messages…
- CVE-2024-45526MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.5.374.1182024-10-22
vulnerable: 0.0.3 ... 1.5.374.78 (80 versions)
An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually.
Check whether OPCFoundation.NetStandard.Opc.Ua.Core is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for OPCFoundation.NetStandard.Opc.Ua.Core CVEs against the assets you own.
Start Free Scan →