CVE-2023-31048: Generation of Error Message Containing Sensitive Information

December 12, 2023 (updated December 18, 2023)

The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely.

References

files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf
github.com/OPCFoundation/UA-.NETStandard/releases
github.com/OPCFoundation/UA-.NETStandard/releases/tag/1.4.371.86
nvd.nist.gov/vuln/detail/CVE-2023-31048

Code Behaviors & Features

Detect and mitigate CVE-2023-31048 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →