Alchemystic

**Name of the Vulnerable Software and Affected Versions** ws versions 1.1.0 and earlier **Description** The issue allows an attacker to crash the node process by sending an overly long websocket payload to a ws server. This is due to the affected versions of `ws` not appropriately limiting the size of incoming websocket payloads, resulting in a denial of service condition. **Recommendations** Update to version 1.1.1 or later. Alternatively, set the `maxpayload` option for the `ws` server to a value smaller than 256MB.