Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ua\-\.net\-Legacy
(Opcfoundation)| Repositories | https://github.com/OPCFoundation/UA-.NET-Legacy |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-05-20 | CVE-2021-27432 | OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. | Ua\-\.net\-Legacy, Ua_\.net_standard_stack | 7.5 | ||
| 2018-06-13 | CVE-2018-7559 | An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. A vulnerability in OPC UA applications can allow a remote attacker to determine a Server's private key by sending carefully constructed bad UserIdentityTokens as part of an oracle attack. | Ua\-\.net\-Legacy, Ua\-\.netstandard | 5.3 | ||
| 2018-09-14 | CVE-2018-12585 | An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service. | Ua\-\.net\-Legacy, Ua\-Java | 8.2 | ||
| 2018-10-03 | CVE-2018-12087 | Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords. | Ua\-\.net\-Legacy, Ua\-\.netstandard | 5.3 | ||
| 2018-06-14 | CVE-2017-12070 | Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code. | Ua\-\.net\-Legacy | 8.8 |