GMS-2016-38: DoS due to excessively large websocket message

June 24, 2016

It is possible to crash the node process by sending an overly long websocket payload to a ws server.

References

github.com/nodejs/node/issues/7388
github.com/websockets/ws/commit/0328a8f49f004f98d2913016214e93b2fc2713bc

Code Behaviors & Features

Detect and mitigate GMS-2016-38 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →