Freeopcua

freeopcua

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-26151 1Freeopcua 1Opcua Asyncio Nov 21, 2024 Oct 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive...Show more Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory.Show less
CVE-2023-26150 1Freeopcua 1Opcua Asyncio Nov 21, 2024 Oct 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missin...Show more Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session.Show less
CVE-2022-24298 2Freeopcua Freeopcua Project 2Freeopcua Freeopcua Mar 3, 2026 Aug 23, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription...Show more All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.Show less