{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T21:03:09.055","vulnerabilities":[{"cve":{"id":"CVE-2022-25231","sourceIdentifier":"report@snyk.io","published":"2022-08-23T05:15:07.873","lastModified":"2024-11-21T06:51:50.897","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8’s memory limit."},{"lang":"es","value":"El paquete node-opcua versiones anteriores a 2.74.0, es vulnerable a una Denegación de Servicio (DoS) mediante el envío de un mensaje OPC UA específicamente diseñado con un NodeID OPC UA especial, cuando la asignación de memoria solicitada excede el límite de memoria de v8."}],"metrics":{"cvssMetricV31":[{"source":"report@snyk.io","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:node-opcua_project:node-opcua:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2.74.0","matchCriteriaId":"900AECE1-5AD5-4065-AE88-E02D6885B83C"}]}]}],"references":[{"url":"https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f","source":"report@snyk.io","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/node-opcua/node-opcua/pull/1182","source":"report@snyk.io","tags":["Patch","Third Party Advisory"]},{"url":"https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988724","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://github.com/node-opcua/node-opcua/commit/7b5044b3f5866fbedc3efabd05e407352c07bd2f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/node-opcua/node-opcua/pull/1182","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://security.snyk.io/vuln/SNYK-JS-NODEOPCUA-2988724","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}