GHSA-ghhp-3qvg-889p
websocket-driver: Memory exhaustion via abuse of protocol length headers
Details
### Impact
The frame format in draft versions of the WebSocket protocol includes a length header that allows an arbitrarily large integer to be encoded as a sequence of bytes with the high bit set. By sending an indefinite sequence of bytes with values `0x80` or above, a server or client can make the other peer parse these bytes into an ever-growing integer. Since Ruby integers are arbitrary precision, this can be used to make a WebSocket connection consume an unbounded amount of memory and lead to the host process running out of memory.
### Patches
The issue has been patched in version 0.8.1. All users should upgrade to this version.
### Workarounds
No known workarounds exist.
### Acknowledgements
This issue was discovered and reported by Pranjali Thakur, DepthFirst Security Research Team.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://github.com/faye/websocket-driver-ruby/security/advisories/GHSA-ghhp-3qvg-889p [WEB]
- https://github.com/faye/websocket-driver-ruby [PACKAGE]
- https://github.com/faye/websocket-driver-ruby/releases/tag/0.8.1 [WEB]
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/websocket-driver/CVE-2026-54463.yml [WEB]
- https://www.cve.org/CVERecord/SearchResults?query=CVE-2026-54463 [WEB]