It was discovered that websocket-extensions does not properly parse special headers. A remote attacker could use this issue to cause regex backtracking, resulting in a denial of service. (CVE-2020-7663)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "0.1.2-1+deb9u1build0.16.04.1", "binary_name": "ruby-websocket-extensions" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "0.1.2-1+deb9u1build0.18.04.1", "binary_name": "ruby-websocket-extensions" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "0.1.2-1+deb9u1build0.20.04.1", "binary_name": "ruby-websocket-extensions" } ] }