Engine.IO is a transport-based implementation of Socket.IO’s cross-browser/cross-device bi-directional communication layer.A denial-of-service vulnerability exists in versions of Socketio Engine.IO prior to 3.6.1, 4.0.0 and later, and prior to 6.2.1, which stems from a failure to properly handle incoming error messages and can be exploited by attackers to launch denial-of-service attacks.