Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
socket socket.io-parser vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-32695
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in...
Socket Socket.io-parser
9.8
CVSSv3
CVE-2022-2421
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an malicious user to place references to functions at arbitrary places in the resulting query object.
Socket Socket.io-parser
7.5
CVSSv3
CVE-2020-36049
socket.io-parser prior to 3.4.1 allows malicious users to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
Socket Socket.io-parser
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started