High severity7.5NVD Advisory· Published May 31, 2018· Updated Jun 17, 2026
CVE-2016-10542
CVE-2016-10542
Description
ws is a "simple to use, blazing fast and thoroughly tested websocket client, server and console for node.js, up-to-date against RFC-6455". By sending an overly long websocket payload to a ws server, it is possible to crash the node process. This affects ws 1.1.0 and earlier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
wsnpm | < 1.1.1 | 1.1.1 |
Affected products
2- Range: <=1.1.0
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-6663-c963-2gqgghsaADVISORY
- github.com/nodejs/node/issues/7388nvdIssue TrackingThird Party AdvisoryWEB
- nodesecurity.io/advisories/120nvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2016-10542ghsaADVISORY
- www.npmjs.com/advisories/120ghsaWEB
News mentions
0No linked articles in our index yet.