CVE-2020-7693

Published July 9th, 2020

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECTS

Description

Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20.

sockjs/sockjs-node

WebSocket emulation - Node.js server

GitHub

2.1K

andsnw/sockjs-dos-py

CVE-2020-7693: SockJS 0.3.19 Denial of Service POC

GitHub