RSS   Podatności dla 'Websockets'   RSS

2018-06-26
 
CVE-2018-1000518

CWE-400
 

 
aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None that can result in Denial of Service by memory exhaustion. This attack appear to be exploitable via Sending a specially crafted frame on an established connection. This vulnerability appears to have been fixed in 5.

 


Copyright 2024, cxsecurity.com

 

Back to Top