Rivkasegan

**Name of the Vulnerable Software and Affected Versions** Tungstenite crate versions prior to 0.20.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in minutes of CPU consumption, via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted and the average amount of data for each parse attempt. **Recommendations** For versions prior to 0.20.1, update to version 0.20.1 or later to resolve the issue. As a temporary workaround, consider restricting the length of HTTP headers in client handshakes to prevent excessive CPU consumption.