cilium / hubble-ui

Observability & Troubleshooting for Kubernetes Services

Home Page:https://www.cilium.io

nhooyr.io/websocket - PRISMA-2021-0118

pgr-josh-wells opened this issue

https://security.snyk.io/vuln/SNYK-GOLANG-NHOOYRIOWEBSOCKET-1244972

https://github.com/cilium/hubble-ui/blob/master/backend/go.mod#L62

Fixed in v1.8.7

websocket package versions before v1.8.7 are vulnerable to Denial of Service (DoS). A double-channel close panic was possible if a peer sent back multiple pongs for every ping. If the second ping arrived before the ping goroutine deleted its channel from the map, the channel would be closed twice and so panic would ensue.
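The double close described above, as an added Go example that is neither the library's nor the issue's own code: a simplified ping registry (assumed structure, not nhooyr.io/websocket's actual types) with the vulnerable pong handler beside a fixed one that deletes the map entry in the same critical section as the close, so a duplicate pong finds nothing to close.

```go
package main

import "sync"

// pinger maps each outstanding ping id to the channel that wakes the waiting
// Ping call. Constructed for illustration; not the library's own types.
type pinger struct {
	mu    sync.Mutex
	pings map[string]chan struct{}
}

func newPinger() *pinger { return &pinger{pings: map[string]chan struct{}{}} }

// register runs in the Ping goroutine before the ping frame goes out; that
// goroutine deletes the entry only after it is woken, leaving a window in
// which a duplicate pong still finds the channel in the map.
func (p *pinger) register(id string) chan struct{} {
	p.mu.Lock()
	defer p.mu.Unlock()
	ch := make(chan struct{})
	p.pings[id] = ch
	return ch
}

// onPongVulnerable closes the channel but leaves it in the map, so a second
// pong with the same payload closes it again: closing a closed channel panics.
func (p *pinger) onPongVulnerable(id string) {
	p.mu.Lock()
	defer p.mu.Unlock()
	if ch, ok := p.pings[id]; ok {
		close(ch)
	}
}

// onPongFixed deletes the entry under the same lock as the close, so a
// duplicate pong is simply dropped.
func (p *pinger) onPongFixed(id string) {
	p.mu.Lock()
	defer p.mu.Unlock()
	if ch, ok := p.pings[id]; ok {
		delete(p.pings, id)
		close(ch)
	}
}

// deliverPongs feeds n pongs for id to handler and reports whether it panicked.
func deliverPongs(handler func(string), id string, n int) (panicked bool) {
	defer func() { panicked = recover() != nil }()
	for i := 0; i < n; i++ {
		handler(id)
	}
	return
}
```

In the real library the panic would surface inside the connection's read goroutine, taking the whole process down, which is why a peer answering every ping with two pongs amounted to a denial of service.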