Evilgophish – Evilginx2 + Gophish

fastify/websocket vulnerable to uncaught exception via crash on malformed packet

Impact: Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impacted. That module is deprecated, so it will not ...

CVSS3 - HIGH

CVE-2022-39386

@fastify/websocket provides WebSocket support for Fastify. Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impa ...


CVSS3 - HIGH

Denial Of Service (DoS)

@fastify/websocket and fastify-websocket are vulnerable to denial of service. The vulnerability is due to the `fastifyWebsocket` function in `index.js` which crashes the application on an uncaught exc ...


CVSS3 - HIGH

8 KB is not enough: why WAFs can’t protect APIs

WAFs were a top-notch security instrument a decade ago, but now they are not. They fail to protect APIs. Meanwhile, the number of API-specific vulnerabilities grew more than twofold in 2022. According ...

Updated lighttpd packages fix security vulnerability

In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the ser ...


CVSS3 - HIGH

Denial Of Service (DoS)

lighttpd is vulnerable to denial of service. The vulnerability exists due to a lack of initialization when an invalid HTTP request (websocket handshake) is received, leading to a null pointer dereference allowing ...


CVSS3 - HIGH
