Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-48779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to...

7.5CVSS5.8AI score0.00782EPSS
Exploits1References4
OSV
OSV
added 2026/06/17 1:20 p.m.4 views

UBUNTU-CVE-2026-48779

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS5.7AI score0.00782EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.18 views

PT-2026-49552

Name of the Vulnerable Software and Affected Versions ws versions 1.1.0 through 5.2.4 ws versions 6.0.0 through 6.2.3 ws versions 7.0.0 through 7.5.10 ws versions 8.0.0 through 8.20.9 Description ws is an open source WebSocket client and server for Node.js. A peer can send a high volume of...

7.5CVSS5.3AI score0.00782EPSS
Exploits1References33
OSV
OSV
added 2026/05/18 7:2 p.m.5 views

GHSA-58QX-3VCG-4XPX ws: Uninitialized memory disclosure

Impact The websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. Proof of concept js import deepStrictEqual from 'node:assert'; import WebSocket, WebSocketServer from 'ws'; const wss = new WebSocketServer port: 0,...

4.4CVSS5.8AI score0.00717EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0968

Malware in sbrugna...

5.3CVSS6.4AI score0.02936EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2024/08/14 12:0 a.m.4 views

The vulnerability of the `server.maxHeadersCount()` configuration in the client-server library `ws` of the Node.js software platform allows a attacker to trigger a denial-of-service attack.

The vulnerability of the server.maxHeadersCount configuration in the client-server library ws of the Node.js software platform is related to errors in pointer assignment due to exceeding the threshold values of request headers. Exploiting this vulnerability may allow a remote attacker to cause...

7.8CVSS6.8AI score0.01357EPSS
Exploits0References11Affected Software3
Positive Technologies
Positive Technologies
added 2024/06/10 12:0 a.m.5 views

PT-2024-5560

Name of the Vulnerable Software and Affected Versions ws versions prior to 8.17.1 ws versions prior to 7.5.10 ws versions prior to 6.2.3 ws versions prior to 5.2.4 Description The issue is related to errors in handling request headers in the ws library for Node.js, specifically when the number of...

8.7CVSS6.3AI score0.01357EPSS
Exploits0References35
Rows per page
Query Builder