Denial of Service (DoS) Vulnerability in freeopcua/freeopcua Package: Excessive Memory Consumption via CloseSession Requests

Denial of Service (DoS) Vulnerability in freeopcua/freeopcua Package: Excessive Memory Consumption via CloseSession Requests

CVE-2022-24298 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.

Learn more about our Cyber Security Assurance Subscription.