Unity Linux 20.1060e / 20.1070e Security Update: rubygem-websocket-extensions (UTSA-2026-016659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016659 advisory. websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a head...

Astra Linux - уязвимость в ruby-websocket-extensions

The websocket-extensions Ruby module before version 0.1.5 allowed Denial of Service DoS attacks through Regex backtracking. The extension parser could take quadratic time when parsing a header containing an unclosed string parameter value whose content was a repeated two-byte sequence of a...

ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 on GA media (moderate)

ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 on GA media Announcement ID: openSUSE-SU-2026:10368-1 Rating: moderate Cross-References: CVE-2020-7663 CVSS scores: CVE-2020-7663 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves on...

OPENSUSE-SU-2026:10368-1 ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 on GA media

These are all security issues fixed in the ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 package on the GA media of openSUSE Tumbleweed...

EUVD-2020-0489

Malware in sbrugna...

EUVD-2020-0487

Malware in sbrugna...

SUSE-SU-2025:02992-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: Updated to Tomcat 11.0.10 - CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: Catalina + Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one ...

ROS-20250724-06

A vulnerability in the Ruby websocket-extensions module that supports the implementation of WebSocket extensions is related to spending quadratic time parsing a header containing an unclosed string parameter value, which is a repeating two-byte sequence of backslash and some of backslash and some...

OPENSUSE-SU-2025:15130-1 ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 on GA media

These are all security issues fixed in the ruby3.4-rubygem-websocket-extensions-0.1.5-1.22 package on the GA media of openSUSE Tumbleweed...

ws Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ws - Denial of Service', 'Description' = %q This module exploits a Denial of Service vulnerability in npm module "ws". By sending a specially...

OPENSUSE-SU-2024:14180-1 ruby3.3-rubygem-websocket-extensions-0.1.5-1.20 on GA media

These are all security issues fixed in the ruby3.3-rubygem-websocket-extensions-0.1.5-1.20 package on the GA media of openSUSE Tumbleweed...

openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0127-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2020-7663

websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other...

SUSE SLES15 / openSUSE 15 Security Update : rubygem-websocket-extensions (SUSE-SU-2023:0127-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0127-1 advisory. - websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser ma...

SUSE-SU-2023:0127-1 Security update for rubygem-websocket-extensions

This update for rubygem-websocket-extensions fixes the following issues: - CVE-2020-7663: Fixed an excessive resource consumption when parsing crafted message headers sent by an attacker bsc1172445...

OESA-2022-2093 rubygem-websocket-extensions security update

Generic extension manager for WebSocket connections. Security Fixes: websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content ...

OESA-2022-1553 rubygem-websocket-extensions security update

Generic extension manager for WebSocket connections. Security Fixes: websocket-extensions ruby module prior to 0.1.5 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content ...

CVE-2020-7662

websocket-extensions npm module prior to 0.1.4 allows Denial of Service DoS via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other...

Regular Expression Denial of Service

Overview In websocket-extensions before version 0.1.4, there is a vulnerability which allows an attacker to exhaust the server's capacity to process incoming requests by sending a WebSocket handshake request containing a header of the following form: Sec-WebSocket-Extensions: a;...

rubygem-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser

A flaw was found in the websocket-extensions ruby module in versions prior to 0.1.5. The parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and another character. When abused by an...