github.com/ecnepsnai/web is vulnerable to denial of service. The vulnerability exists in the socketHandler
function in websocket.go
because the AuthenticateMethod
is not called, and UserData
will be nil in request methods which will attempt to read the UserData
and may result in a panic.