Search for packages
| purl | pkg:pypi/websockets@5.0 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-66rg-p1q7-hken
Aliases: CVE-2021-33880 GHSA-8ch4-58qp-g3mp PYSEC-2021-95 |
private key recovery |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-jgps-sj55-xyfj | aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None that can result in Denial of Service by memory exhaustion. This attack appear to be exploitable via Sending a specially crafted frame on an established connection. This vulnerability appears to have been fixed in 5. |
CVE-2018-1000518
GHSA-6g87-ff9q-v847 PYSEC-2018-79 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:38:15.601881+00:00 | GitLab Importer | Fixing | VCID-jgps-sj55-xyfj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/websockets/CVE-2018-1000518.yml | 38.6.0 |
| 2026-06-02T04:14:03.978941+00:00 | Pypa Importer | Affected by | VCID-66rg-p1q7-hken | https://github.com/pypa/advisory-database/blob/main/vulns/websockets/PYSEC-2021-95.yaml | 38.6.0 |
| 2026-06-02T04:05:09.869473+00:00 | Pypa Importer | Fixing | VCID-jgps-sj55-xyfj | https://github.com/pypa/advisory-database/blob/main/vulns/websockets/PYSEC-2018-79.yaml | 38.6.0 |