Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for websocket-driver-node by faye

    CVE-2026-54490 (GCVE-0-2026-54490)

    Vulnerability from nvd – Published: 2026-07-17 20:54 – Updated: 2026-07-17 20:54
    VLAI
    Title
    websocket-driver: Resource limit bypass via message compression
    Summary
    websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, if this library is used with the permessage-deflate extension, a WebSocket server or client can be made to accept messages that are larger than the configured maximum message size because the limit is checked against the message frames' length headers, which give the size of the compressed data, not the size after decompression in lib/websocket/driver/hybi.js. This can lead to applications accepting larger messages than expected and exceeding their intended resource usage. This issue is fixed in version 0.7.5.
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "product": "websocket-driver-node",
              "vendor": "faye",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.7.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, if this library is used with the permessage-deflate extension, a WebSocket server or client can be made to accept messages that are larger than the configured maximum message size because the limit is checked against the message frames\u0027 length headers, which give the size of the compressed data, not the size after decompression in lib/websocket/driver/hybi.js. This can lead to applications accepting larger messages than expected and exceeding their intended resource usage. This issue is fixed in version 0.7.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T20:54:22.417Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-mp7j-qc5w-4988",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-mp7j-qc5w-4988"
            },
            {
              "name": "https://github.com/faye/websocket-driver-node/commit/c55679a5b18251dd0a55d18a0cc6a4fd8822b92f",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faye/websocket-driver-node/commit/c55679a5b18251dd0a55d18a0cc6a4fd8822b92f"
            }
          ],
          "source": {
            "advisory": "GHSA-mp7j-qc5w-4988",
            "discovery": "UNKNOWN"
          },
          "title": "websocket-driver: Resource limit bypass via message compression"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54490",
        "datePublished": "2026-07-17T20:54:22.417Z",
        "dateReserved": "2026-06-15T18:01:15.510Z",
        "dateUpdated": "2026-07-17T20:54:22.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54466 (GCVE-0-2026-54466)

    Vulnerability from nvd – Published: 2026-07-17 20:53 – Updated: 2026-07-17 20:53
    VLAI
    Title
    websocket-driver: Message corruption via abuse of protocol length headers
    Summary
    websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, the frame format in draft versions of the WebSocket protocol includes a length header that allows an arbitrarily large integer to be encoded as a sequence of bytes with the high bit set. By sending an indefinite sequence of bytes with values 0x80 or above, a client can make the server parse these bytes into an ever-growing integer in lib/websocket/driver/draft75.js; because JavaScript numbers are 64-bit floating point values, this number will eventually lose precision and lead to the subsequent payload being parsed incorrectly. This issue is fixed in version 0.7.5.
    CWE
    • CWE-130 - Improper Handling of Length Parameter Inconsistency
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "product": "websocket-driver-node",
              "vendor": "faye",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.7.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, the frame format in draft versions of the WebSocket protocol includes a length header that allows an arbitrarily large integer to be encoded as a sequence of bytes with the high bit set. By sending an indefinite sequence of bytes with values 0x80 or above, a client can make the server parse these bytes into an ever-growing integer in lib/websocket/driver/draft75.js; because JavaScript numbers are 64-bit floating point values, this number will eventually lose precision and lead to the subsequent payload being parsed incorrectly. This issue is fixed in version 0.7.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-130",
                  "description": "CWE-130: Improper Handling of Length Parameter Inconsistency",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T20:53:24.769Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-xv26-6w52-cph6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-xv26-6w52-cph6"
            },
            {
              "name": "https://github.com/faye/websocket-driver-node/commit/5b197ca874dab58e96cacad8a3c256797d804680",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faye/websocket-driver-node/commit/5b197ca874dab58e96cacad8a3c256797d804680"
            }
          ],
          "source": {
            "advisory": "GHSA-xv26-6w52-cph6",
            "discovery": "UNKNOWN"
          },
          "title": "websocket-driver: Message corruption via abuse of protocol length headers"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54466",
        "datePublished": "2026-07-17T20:53:24.769Z",
        "dateReserved": "2026-06-15T15:30:40.319Z",
        "dateUpdated": "2026-07-17T20:53:24.769Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54490 (GCVE-0-2026-54490)

    Vulnerability from cvelistv5 – Published: 2026-07-17 20:54 – Updated: 2026-07-17 20:54
    VLAI
    Title
    websocket-driver: Resource limit bypass via message compression
    Summary
    websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, if this library is used with the permessage-deflate extension, a WebSocket server or client can be made to accept messages that are larger than the configured maximum message size because the limit is checked against the message frames' length headers, which give the size of the compressed data, not the size after decompression in lib/websocket/driver/hybi.js. This can lead to applications accepting larger messages than expected and exceeding their intended resource usage. This issue is fixed in version 0.7.5.
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "product": "websocket-driver-node",
              "vendor": "faye",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.7.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, if this library is used with the permessage-deflate extension, a WebSocket server or client can be made to accept messages that are larger than the configured maximum message size because the limit is checked against the message frames\u0027 length headers, which give the size of the compressed data, not the size after decompression in lib/websocket/driver/hybi.js. This can lead to applications accepting larger messages than expected and exceeding their intended resource usage. This issue is fixed in version 0.7.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T20:54:22.417Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-mp7j-qc5w-4988",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-mp7j-qc5w-4988"
            },
            {
              "name": "https://github.com/faye/websocket-driver-node/commit/c55679a5b18251dd0a55d18a0cc6a4fd8822b92f",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faye/websocket-driver-node/commit/c55679a5b18251dd0a55d18a0cc6a4fd8822b92f"
            }
          ],
          "source": {
            "advisory": "GHSA-mp7j-qc5w-4988",
            "discovery": "UNKNOWN"
          },
          "title": "websocket-driver: Resource limit bypass via message compression"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54490",
        "datePublished": "2026-07-17T20:54:22.417Z",
        "dateReserved": "2026-06-15T18:01:15.510Z",
        "dateUpdated": "2026-07-17T20:54:22.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54466 (GCVE-0-2026-54466)

    Vulnerability from cvelistv5 – Published: 2026-07-17 20:53 – Updated: 2026-07-17 20:53
    VLAI
    Title
    websocket-driver: Message corruption via abuse of protocol length headers
    Summary
    websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, the frame format in draft versions of the WebSocket protocol includes a length header that allows an arbitrarily large integer to be encoded as a sequence of bytes with the high bit set. By sending an indefinite sequence of bytes with values 0x80 or above, a client can make the server parse these bytes into an ever-growing integer in lib/websocket/driver/draft75.js; because JavaScript numbers are 64-bit floating point values, this number will eventually lose precision and lead to the subsequent payload being parsed incorrectly. This issue is fixed in version 0.7.5.
    CWE
    • CWE-130 - Improper Handling of Length Parameter Inconsistency
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "product": "websocket-driver-node",
              "vendor": "faye",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.7.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "websocket-driver is a WebSocket protocol handler with pluggable I/O. Prior to 0.7.5, the frame format in draft versions of the WebSocket protocol includes a length header that allows an arbitrarily large integer to be encoded as a sequence of bytes with the high bit set. By sending an indefinite sequence of bytes with values 0x80 or above, a client can make the server parse these bytes into an ever-growing integer in lib/websocket/driver/draft75.js; because JavaScript numbers are 64-bit floating point values, this number will eventually lose precision and lead to the subsequent payload being parsed incorrectly. This issue is fixed in version 0.7.5."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-130",
                  "description": "CWE-130: Improper Handling of Length Parameter Inconsistency",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T20:53:24.769Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-xv26-6w52-cph6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/faye/websocket-driver-node/security/advisories/GHSA-xv26-6w52-cph6"
            },
            {
              "name": "https://github.com/faye/websocket-driver-node/commit/5b197ca874dab58e96cacad8a3c256797d804680",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faye/websocket-driver-node/commit/5b197ca874dab58e96cacad8a3c256797d804680"
            }
          ],
          "source": {
            "advisory": "GHSA-xv26-6w52-cph6",
            "discovery": "UNKNOWN"
          },
          "title": "websocket-driver: Message corruption via abuse of protocol length headers"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54466",
        "datePublished": "2026-07-17T20:53:24.769Z",
        "dateReserved": "2026-06-15T15:30:40.319Z",
        "dateUpdated": "2026-07-17T20:53:24.769Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }