7 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-48779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to...
UBUNTU-CVE-2026-48779
ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...
PT-2026-49552
Name of the Vulnerable Software and Affected Versions ws versions 1.1.0 through 5.2.4 ws versions 6.0.0 through 6.2.3 ws versions 7.0.0 through 7.5.10 ws versions 8.0.0 through 8.20.9 Description ws is an open source WebSocket client and server for Node.js. A peer can send a high volume of...
GHSA-58QX-3VCG-4XPX ws: Uninitialized memory disclosure
Impact The websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. Proof of concept js import deepStrictEqual from 'node:assert'; import WebSocket, WebSocketServer from 'ws'; const wss = new WebSocketServer port: 0,...
EUVD-2021-0968
Malware in sbrugna...
The vulnerability of the `server.maxHeadersCount()` configuration in the client-server library `ws` of the Node.js software platform allows a attacker to trigger a denial-of-service attack.
The vulnerability of the server.maxHeadersCount configuration in the client-server library ws of the Node.js software platform is related to errors in pointer assignment due to exceeding the threshold values of request headers. Exploiting this vulnerability may allow a remote attacker to cause...
PT-2024-5560
Name of the Vulnerable Software and Affected Versions ws versions prior to 8.17.1 ws versions prior to 7.5.10 ws versions prior to 6.2.3 ws versions prior to 5.2.4 Description The issue is related to errors in handling request headers in the ws library for Node.js, specifically when the number of...