CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-24298

All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.4%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/FreeOpcUa/freeopcua/issues/391
https://security.snyk.io/vuln/SNYK-UNMANAGED-FREEOPCUAFREEOPCUA-2988720
https://github.com/FreeOpcUa/freeopcua/issues/391
https://security.snyk.io/vuln/SNYK-UNMANAGED-FREEOPCUAFREEOPCUA-2988720

Products affected by CVE-2022-24298

Freeopcua Project » Freeopcua » Version: Any

cpe:2.3:a:freeopcua_project:freeopcua:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24298

Products

Pricing

Contact Us