npm/ws — 5 CVEs · VulnScope

HIGH7.5CVE-2024-37890ws affected by a DoS when handling a request with many HTTP headers

>= 2.1.0, < 5.2.4

HIGH7.5CVE-2016-10542DoS due to excessively large websocket message in ws

from 0, < 1.1.1

HIGH7.5CVE-2016-10518Remote Memory Disclosure in ws

from 0, < 1.0.1

MEDIUM5.3ReDoS in Sec-Websocket-Protocol header

>= 7.0.0, < 7.4.6

MEDIUM4.4ws: Uninitialized memory disclosure

>= 8.0.0, < 8.20.1

pkg:npm/ws