Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/ws@6.2.2
Typenpm
Namespace
Namews
Version6.2.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.2.3
Latest_non_vulnerable_version8.20.1
Affected_by_vulnerabilities
0
url VCID-72v3-t5vr-w7hx
vulnerability_id VCID-72v3-t5vr-w7hx
summary 
ws affected by a DoS when handling a request with many HTTP headers
A request with a number of headers exceeding the [`server.maxHeadersCount`][] threshold could be used to crash a ws server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37890.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37890.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-37890
reference_id
reference_type
scores
0
value 0.00541
scoring_system epss
scoring_elements 0.68021
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-37890
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37890
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37890
3
reference_url https://github.com/websockets/ws
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/websockets/ws
4
reference_url https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f
5
reference_url https://github.com/websockets/ws/commit/4abd8f6de4b0b65ef80b3ff081989479ed93377e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://github.com/websockets/ws/commit/4abd8f6de4b0b65ef80b3ff081989479ed93377e
6
reference_url https://github.com/websockets/ws/commit/e55e5106f10fcbaac37cfa89759e4cc0d073a52c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://github.com/websockets/ws/commit/e55e5106f10fcbaac37cfa89759e4cc0d073a52c
7
reference_url https://github.com/websockets/ws/commit/eeb76d313e2a00dd5247ca3597bba7877d064a63
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://github.com/websockets/ws/commit/eeb76d313e2a00dd5247ca3597bba7877d064a63
8
reference_url https://github.com/websockets/ws/issues/2230
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://github.com/websockets/ws/issues/2230
9
reference_url https://github.com/websockets/ws/pull/2231
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://github.com/websockets/ws/pull/2231
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074236
reference_id 1074236
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074236
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2292777
reference_id 2292777
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2292777
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-37890
reference_id CVE-2024-37890
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-37890
13
reference_url https://github.com/advisories/GHSA-3h5v-q93c-6h6q
reference_id GHSA-3h5v-q93c-6h6q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3h5v-q93c-6h6q
14
reference_url https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q
reference_id GHSA-3h5v-q93c-6h6q
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q
15
reference_url https://nodejs.org/api/http.html#servermaxheaderscount
reference_id http.html#servermaxheaderscount
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:25:45Z/
url https://nodejs.org/api/http.html#servermaxheaderscount
16
reference_url https://access.redhat.com/errata/RHSA-2024:5547
reference_id RHSA-2024:5547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5547
17
reference_url https://access.redhat.com/errata/RHSA-2024:6755
reference_id RHSA-2024:6755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6755
18
reference_url https://access.redhat.com/errata/RHSA-2026:3710
reference_id RHSA-2026:3710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3710
19
reference_url https://access.redhat.com/errata/RHSA-2026:3712
reference_id RHSA-2026:3712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3712
fixed_packages
0
url pkg:npm/ws@6.2.3
purl pkg:npm/ws@6.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ws@6.2.3
1
url pkg:npm/ws@7.5.10
purl pkg:npm/ws@7.5.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ws@7.5.10
2
url pkg:npm/ws@8.17.1
purl pkg:npm/ws@8.17.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ws@8.17.1
aliases CVE-2024-37890, GHSA-3h5v-q93c-6h6q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72v3-t5vr-w7hx
Fixing_vulnerabilities
0
url VCID-q35m-3hvy-a7dx
vulnerability_id VCID-q35m-3hvy-a7dx
summary 
Uncontrolled Resource Consumption
ws is an open source WebSocket client and server library for Node. In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32640.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32640.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32640
reference_id
reference_type
scores
0
value 0.01154
scoring_system epss
scoring_elements 0.78894
published_at 2026-06-05T12:55:00Z
1
value 0.01154
scoring_system epss
scoring_elements 0.78867
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32640
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32640
3
reference_url https://github.com/websockets/ws
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/websockets/ws
4
reference_url https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff
5
reference_url https://github.com/websockets/ws/issues/1895
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/websockets/ws/issues/1895
6
reference_url https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/websockets/ws/security/advisories/GHSA-6fc8-4gx4-v693
7
reference_url https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdfa7b6253c4d6271e31566ecd5f30b7ce1b8fb2c89d52b8c4e0f4e30@%3Ccommits.tinkerpop.apache.org%3E
8
reference_url https://security.netapp.com/advisory/ntap-20210706-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210706-0005
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1965488
reference_id 1965488
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1965488
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32640
reference_id CVE-2021-32640
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32640
fixed_packages
0
url pkg:npm/ws@5.2.3
purl pkg:npm/ws@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72v3-t5vr-w7hx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ws@5.2.3
1
url pkg:npm/ws@6.2.2
purl pkg:npm/ws@6.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72v3-t5vr-w7hx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ws@6.2.2
2
url pkg:npm/ws@7.4.6
purl pkg:npm/ws@7.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72v3-t5vr-w7hx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ws@7.4.6
aliases CVE-2021-32640, GHSA-6fc8-4gx4-v693
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q35m-3hvy-a7dx
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/ws@6.2.2