
CVE-2016-10544 uws

Package

Manager: npm
Name: uws
Vulnerable Version: >=0.10.0 <0.10.9

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:R

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00334 pctl0.55653

Details

Denial of Service in uws

Affected versions of `uws` do not bound the size of inflated WebSocket messages when `permessage-deflate` is enabled, which can result in a denial of service. If `uws` receives a `permessage-deflate` compressed WebSocket message whose inflated size is 256 MB, the payload length check is applied to the compressed bytes on the wire, and the message is inflated only afterwards, immediately before processing. An excessively large message therefore passes the length check yet is still cast from a Buffer to a string; that conversion exceeds V8's maximum string length and crashes the process.

Recommendation

Update to version 0.10.9 or later. Alternatively, disable `permessage-deflate`.

Metadata

Created: 2020-09-01T16:02:29Z
Modified: 2020-08-31T18:12:32Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/09/GHSA-hf5h-hh56-3vrg/GHSA-hf5h-hh56-3vrg.json
CWE IDs: ["CWE-400"]
Alternative ID: GHSA-hf5h-hh56-3vrg
Finding: F002
Auto approve: 1