Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
socket socket.io-parser vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32695
socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in...
Socket Socket.io-parser
NA
CVE-2022-2421
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an malicious user to place references to functions at arbitrary places in the resulting query object.
Socket Socket.io-parser
5
CVSSv2
CVE-2020-36049
socket.io-parser prior to 3.4.1 allows malicious users to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
Socket Socket.io-parser
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started