Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service (DoS)
Vulnerability Description
The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
Eclipse Milo 安全漏洞
Vulnerability Description
Eclipse Milo是Eclipse基金会的OPC UA (IEC 62541) 的开源实现。 Eclipse Milo sdk-server 0.6.8之前的版本存在安全漏洞,该漏洞源于当通过发送多个参数为deletesubsubscription等于False的CloseSession请求来绕过内存占用限制导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A