Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Websockets ProjectWebsockets

2 matches found

CVE
CVEadded 2021/06/06 2:5 p.m.136 views

CVE-2021-33880

The CVE-2021-33880 issue affects the aaugustin websockets library for Python, before version 9.1. It describes an Observable Timing Discrepancy when HTTP Basic Authentication is enabled (basic_auth_protocol_factory(credentials=...)), allowing an attacker to guess passwords via a timing attack. A ...

5.9CVSS5.8AI score0.02265EPSS
CVE
CVEadded 2018/06/26 4:0 p.m.100 views

CVE-2018-1000518

CVE-2018-1000518 concerns a vulnerability in the Python websockets library (aaugustin websockets) where version 4 allows a Denial of Service via memory exhaustion. The issue arises from improper handling of highly compressed data (Data Amplification, CWE-409) when compression is enabled (i.e., no...

7.5CVSS7.4AI score0.01818EPSS