Closed FeBe95 closed 4 months ago
There is a high vulnerability reported in the ws dependency of this package: ws affected by a DoS when handling a request with many HTTP headers · CVE-2024-37890 · GitHub Advisory Database
ws
The ws dependency is locked to version 8.11.x in this package (~8.11.0).
8.11.x
~8.11.0
If possible, please update to ^8.17.1 (or ~8.17.1).
^8.17.1
~8.17.1
This should be fixed by https://github.com/socketio/socket.io-adapter/commit/93fe19019e1c0b82a41a15bd86acbac10634c60b.
There is a high vulnerability reported in the
ws
dependency of this package: ws affected by a DoS when handling a request with many HTTP headers · CVE-2024-37890 · GitHub Advisory DatabaseThe
ws
dependency is locked to version8.11.x
in this package (~8.11.0
).If possible, please update to
^8.17.1
(or~8.17.1
).