Lucene search
PRIOn knowledge basePRION:CVE-2022-25867HistoryAug 02, 2022 - 2:15 p.m.
Null pointer dereference
2022-08-0214:15:00
PRIOn knowledge base
www.prio-n.com
5
0.002 Low
EPSS
Percentile
60.8%
The package io.socket:socket.io-client before 2.0.1 are vulnerable to NULL Pointer Dereference when parsing a packet with with invalid payload format.
| CPE | Name | Operator | Version |
|---|---|---|---|
| socket.io-client_java | lt | 2.0.1 |
References
github.com/socketio/socket.io-client-java/commit/8664499b6f31154f49783531f778dac5387b766b
github.com/socketio/socket.io-client-java/commit/e8ffe9d1383736f6a21090ab959a2f4fa5a41284
github.com/socketio/socket.io-client-java/issues/508%23issuecomment-1179817361
github.com/socketio/socket.io-client-java/releases/tag/socket.io-client-2.0.1
security.snyk.io/vuln/SNYK-JAVA-IOSOCKET-2949738
Related
osv
osv
Socket.IO-client Java before 2.0.1 vulnerable to NULL Pointer Dereference
2022-08-03 00:00:57
CVE-2022-25867
2022-08-02 14:15:10
cve
cve
CVE-2022-25867
2022-08-02 14:15:10
nvd
nvd
CVE-2022-25867
2022-08-02 14:15:10
veracode
veracode
Denial Of Service
2022-08-03 09:52:14
github
github
Socket.IO-client Java before 2.0.1 vulnerable to NULL Pointer Dereference
2022-08-03 00:00:57
cvelist
cvelist
CVE-2022-25867 NULL Pointer Dereference
2022-08-02 00:00:00
ibm
ibm