Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Websocket-extensions ProjectWebsocket-extensions

2 matches found

CVE
CVEadded 2020/06/02 6:25 p.m.178 views

CVE-2020-7663

The CVE-2020-7663 issue affects the ruby-websocket-extensions library (prior to 0.1.5). The parser can take quadratic time when processing a Sec-WebSocket-Extensions header containing an unclosed string parameter value with a repeating two‑byte sequence (backslash and a character), enabling Regex...

7.5CVSS7.2AI score0.04349EPSS
CVE
CVEadded 2020/06/02 6:28 p.m.166 views

CVE-2020-7662

CVE-2020-7662 affects the websocket-extensions npm module prior to 0.1.4. The vulnerability arises from the extension parser, which may enter exponential/regex backtracking on a header like Sec-WebSocket-Extensions with an unclosed string containing a repeating two-byte sequence, causing a Denial...

7.5CVSS7.2AI score0.02955EPSS