Search for packages
| purl | pkg:npm/ws@7.0.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-72v3-t5vr-w7hx
Aliases: CVE-2024-37890 GHSA-3h5v-q93c-6h6q |
ws affected by a DoS when handling a request with many HTTP headers A request with a number of headers exceeding the [`server.maxHeadersCount`][] threshold could be used to crash a ws server. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-q35m-3hvy-a7dx
Aliases: CVE-2021-32640 GHSA-6fc8-4gx4-v693 |
Uncontrolled Resource Consumption ws is an open source WebSocket client and server library for Node. In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-07T20:46:27.735428+00:00 | GHSA Importer | Affected by | VCID-q35m-3hvy-a7dx | https://github.com/advisories/GHSA-6fc8-4gx4-v693 | 38.6.0 |
| 2026-06-05T21:45:26.302168+00:00 | GHSA Importer | Affected by | VCID-72v3-t5vr-w7hx | https://github.com/advisories/GHSA-3h5v-q93c-6h6q | 38.6.0 |
| 2026-06-04T16:21:57.877012+00:00 | GitLab Importer | Affected by | VCID-72v3-t5vr-w7hx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ws/CVE-2024-37890.yml | 38.6.0 |
| 2026-06-04T16:21:28.899243+00:00 | GitLab Importer | Affected by | VCID-q35m-3hvy-a7dx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ws/CVE-2021-32640.yml | 38.6.0 |