opcfoundation.netstandard.opc.ua contains the OPC UA reference implementation and is targeting the .NET Standard Library.
Affected versions of the package are vulnerable to Information Exposure. A remote attacker could determine the Server’s private key by sending carefully constructed bad
NOTE This attack only affects
UserIdentityTokens encrypted with the
Basic128Rsa15 Security Policy which has already been depreciated.
opcfoundation.netstandard.opc.ua to version 1.3.352.12 or higher.
Do your applications use this vulnerable package?