2 matches found
CVE-2026-12151 vulnerabilities
Vulnerabilities for packages: renovate, node-gyp, prism, npm, saf, code-server, vitess...
DEBIAN-CVE-2026-12151
Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size...