What the vulnerability does

01Description

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

Key dates

02Disclosure timeline

December 2, 2020 CVE published
August 4, 2024 Record updated