6 matches found
CVE-2026-45541
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...
CVE-2026-45541 ESF-IDF: Remote Null Pointer Dereference in WebSocket Server
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...
The vulnerability of the client-server WebSocket library in Node-ws software, related to uncontrolled resource consumption, allows attackers to trigger a service failure.
The vulnerability of the client-server WebSocket library in Node-ws software is related to an incorrect interpretation of the “Sec-Websocket-Protocol” header. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
AZL-44670 CVE-2021-32640 affecting package js-jquery 3.5.0-4
ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. The vulnerability has been fixed in [email protected]...
DEBIAN-CVE-2021-32640
ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. The vulnerability has been fixed in [email protected]...
UBUNTU-CVE-2021-32640
ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. The vulnerability has been fixed in [email protected]...