Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application (that uses uWebSockets) should not be allowing the large number of triggered topics to accumulate
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
uWebSockets 缓冲区错误漏洞
Vulnerability Description
uWebSockets是一款高度可拓展的最轻量级、效率最高的WebSocket服务器库。它具有易于使用的,完全异步面向对象的接口和与其他竞品对比扩展到数百万连接只使用一小部分内存的特点。 uWebSockets 18.11.0和18.12.0版本存在缓冲区错误漏洞,该漏洞源于在"uWS::TopicTree::trimTree"中存在基于堆栈的缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A