LOW npm
GHSA-2mhh-w6q8-5hxw · CVE-2016-10518 Remote Memory Disclosure in ws
Modified: 11/8/2023
package
npm / ws
pkg:npm/ws
HIGH 7.5 npm
GHSA-3h5v-q93c-6h6q · CVE-2024-37890 ws affected by a DoS when handling a request with many HTTP headers
Modified: 5/13/2026
MEDIUM 4.4 npm
GHSA-58qx-3vcg-4xpx · CVE-2026-45736 ws: Uninitialized memory disclosure
Modified: 5/20/2026
HIGH 7.5 npm
GHSA-5v72-xg48-5rpm Denial of Service in ws
Modified: 8/4/2021
HIGH npm
GHSA-6663-c963-2gqg · CVE-2016-10542 DoS due to excessively large websocket message in ws
Modified: 11/8/2023
MEDIUM 5.3 npm
GHSA-6fc8-4gx4-v693 · CVE-2021-32640 ReDoS in Sec-Websocket-Protocol header
Modified: 3/13/2026
HIGH 7.5 npm
GHSA-96hv-2xvq-fx4p · CVE-2026-48779 ws: Memory exhaustion DoS from tiny fragments and data chunks
Modified: 6/15/2026