Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
socket socket.io-parser vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32695
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in...
Socket Socket.io-parser
NA
CVE-2022-2421
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an malicious user to place references to functions at arbitrary places in the resulting query object.
Socket Socket.io-parser
445
VMScore
CVE-2020-36049
socket.io-parser prior to 3.4.1 allows malicious users to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
Socket Socket.io-parser
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started