CVE-2020-27813

Summary

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

Affected Software

VendorProductVersion RangeStatus
n/agolang-github-gorilla-websocketgithub.com/gorilla/websocket v1.4.1affected

Weaknesses

  • CWE-190: CWE-190->CWE-400

ADP Enrichment

CVE Program Container

Additional References

References