Name of the Vulnerable Software and Affected Versions ws versions prior to 3.3.1

Description The issue arises when a specially crafted Sec-WebSocket-Extensions header is sent, containing Object.prototype property names as extension or parameter names, which can cause affected versions of ws to crash.

Recommendations Update to version 3.3.1 or later.