Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
socket socket.io-parser vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-32695
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in...
Socket Socket.io-parser
9.8
CVSSv3
CVE-2022-2421
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an malicious user to place references to functions at arbitrary places in the resulting query object.
Socket Socket.io-parser
7.5
CVSSv3
CVE-2020-36049
socket.io-parser prior to 3.4.1 allows malicious users to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
Socket Socket.io-parser
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started