2 matches found
Asymmetric Resource Consumption (Amplification)
Overview ws is a simple to use websocket client, server and console for node.js. Affected versions of this package are vulnerable to Asymmetric Resource Consumption Amplification when handling a large number of very small fragments and data chunks. An attacker can cause excessive memory allocatio...
CVE-2024-41996
CVE-2024-41996 is cited in the Ubuntu USN/NASL doc as a vulnerability where validating the order of public keys in Diffie-Hellman with an approved safe prime can cause a client to trigger expensive server-side DHE exponentiations, leading to asymmetric resource consumption. The connected document...