Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory.
{
"cna_assigner": "snyk",
"cwe_ids": [
"CWE-400"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/26xxx/CVE-2023-26151.json"
}{
"cpe": "cpe:2.3:a:freeopcua:opcua-asyncio:*:*:*:*:*:python:*:*",
"source": [
"CPE_RANGE",
"REFERENCES"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "0.9.96"
}
]
}