Unrated severityNVD Advisory· Published Jul 1, 2021· Updated Aug 4, 2024
CVE-2020-36406
CVE-2020-36406
Description
uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application (that uses uWebSockets) should not be allowing the large number of triggered topics to accumulate
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- uWebSockets/uWebSocketsdescription
- Range: = 18.11.0, 18.12.0
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3- bugs.chromium.org/p/oss-fuzz/issues/detailmitrex_refsource_MISC
- github.com/google/oss-fuzz-vulns/blob/main/vulns/uwebsockets/OSV-2020-1695.yamlmitrex_refsource_MISC
- github.com/uNetworking/uWebSockets/commit/03fca626a95130ab80f86adada54b29d27242759mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.