node-opcua (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package node-opcua, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2022-21208 — CVSS 7.5 (high): The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks…
CVE-2022-24375 — CVSS 7.5 (high): The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory…
CVE-2022-25231 — CVSS 7.5 (high): The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a…