Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:38678
HistoryDec 28, 2022 - 8:38 a.m.

Denial Of Service (DoS)

2022-12-2808:38:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
denial of service
vulnerability
websocket.go
authenticatemethod
userdata
panic

EPSS

0.002

Percentile

57.3%

JSON

github.com/ecnepsnai/web is vulnerable to denial of service. The vulnerability exists in the socketHandler function in websocket.go because the AuthenticateMethod is not called, and UserData will be nil in request methods which will attempt to read the UserDataand may result in a panic.

Related

osv 5
prion 1
cvelist 1
nvd 1
cve 1
github 1
osv
osv
ecnepsnai/web vulnerable to Uncontrolled Resource Consumption
2022-12-28 00:30:23
CVE-2021-4236
2022-12-27 22:15:12
GO-2022-0385
2022-07-01 20:11:02
prion
prion
Authentication flaw
2022-12-27 22:15:00
cvelist
cvelist
CVE-2021-4236 Panic or authentication bypass in github.com/ecnepsnai/web
2022-12-27 21:13:45
nvd
nvd
CVE-2021-4236
2022-12-27 22:15:12
cve
cve
CVE-2021-4236
2022-12-27 22:15:12
github
github
ecnepsnai/web vulnerable to Uncontrolled Resource Consumption
2022-12-28 00:30:23

EPSS

0.002

Percentile

57.3%

JSON
Related for VERACODE:38678
osv5prion1cvelist1nvd1cve1github1