3 matches found
CVE-2016-10518
creationtimestamp| type| source ---|---|--- 2019-02-18 23:56:42+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-2mhh-w6q8-5hxw...
DEBIAN-CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
CVE-2016-10518 affects the ws Node.js WebSocket module (pre-1.0.0). The vulnerability arises in the ping pathway: data from a ping frame is converted to a Buffer without validating the type, causing memory disclosure when non-zero-sized buffers are used. Affected versions are ws before 1.0.0; mit...