VDB
CVE-2016-10518
CVE-2016-10518
PUBLISHED
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but internally ws always transforms all data that we need to send to a Buffer instance and that is where the vulnerability existed. ws didn't do any checks for the type of data it was sending. With buffers in node when you allocate it when a number instead of a string it will allocate the amount of bytes.
EPSS 0.34% · 57.4th percentile
Risk Scores
EPSS Score
0.34%
57.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | node-ws | 0, 0.7.2+ds1.349b7460-1 |
Exploit Intelligence
Timeline
- May 31, 2018 CVE Published
- Jan 8, 2021 CVE Updated
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2016-10518 third-party-advisory
- https://gist.github.com/c0nrad/e92005446c480707a74a third-party-advisory
- https://github.com/websockets/ws/releases/tag/1.0.1 third-party-advisory
- https://nodesecurity.io/advisories/67 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2016-10518 third-party-advisory