CVE-2022-25302

Name of the Vulnerable Software and Affected Versions asneg/opcuastack versions (affected versions not specified)

Description The issue is related to a Denial of Service (DoS) condition due to a missing handler for failed casting when unvalidated data is forwarded to boost::get function in OpcUaNodeIdBase.h. This can be exploited by sending a specifically crafted OPC UA message with a special encoded NodeId.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.