GMS-2016-68: Denial of Service

October 17, 2016

By sending a Mb websocket message to a uws server instance, it is possible to crash the node process by exceeding V8’s maximum string size.

References

github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9

Code Behaviors & Features

Detect and mitigate GMS-2016-68 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →