Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
asyncua 安全漏洞
Vulnerability Description
asyncua是Free OPC-UA Library开源的一个库。 asyncua 0.9.96 之前版本存在安全漏洞,该漏洞源于容易受到拒绝服务 (DoS) 攻击,攻击者可以发送格式错误的数据包,从而导致服务器进入无限循环并消耗过多内存。
CVSS Information
N/A
Vulnerability Type
N/A