Loading HuntDB...

CVE-2016-10544

UNKNOWN
Published 2018-05-31T20:00:00Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2016-10544. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed HIGH

Denial of Service in uws

GHSA-hf5h-hh56-3vrg

Advisory Details

Affected versions of `uws` do not properly handle large websocket messages when `permessage-deflate` is enabled, which may result in a denial of service condition. If `uws` recieves a 256Mb websocket message when `permessage-deflate` is enabled, the server will compress the message prior to executing the length check, and subsequently extract the message prior to processing. This can result in a situation where an excessively large websocket message passes the length checks, yet still gets cast from a Buffer to a string, which will exceed v8's maximum string size and crash the process. ## Recommendation Update to version 0.10.9 or later. Alternatively, disable `permessage-deflate`.

Affected Packages

npm uws
ECOSYSTEM: ≥0.10.0 <0.10.9

CVSS Scoring

CVSS Score

7.5

Advisory provided by GitHub Security Advisory Database. Published: September 1, 2020, Modified: August 31, 2020

References

Published: 2018-05-31T20:00:00Z
Last Modified: 2024-09-17T02:56:54.139Z
Copied to clipboard!