| CVE-2024-37890 |
high |
— |
8.0 |
|
|
|
2y ago |
ws affected by a DoS when handling a request with many HTTP headers |
| CVE-2026-45736 |
high |
7.5 |
7.5 |
|
|
|
20d ago |
ws: Uninitialized memory disclosure |
| CVE-2016-10542 |
unknown |
— |
1.0 |
|
|
|
7y ago |
ws is a "simple to use, blazing fast and thoroughly tested websocket client, server and console for node.js, up-to-date against RFC-6455". By sending an overly long websocket payload to a `ws` server… |
| CVE-2021-32640 |
unknown |
— |
— |
|
|
|
5y ago |
ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server. The vulnerab… |
| CVE-2016-10518 |
unknown |
— |
— |
|
|
|
7y ago |
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a p… |
