3 matches found
10cartsharing (>=1.0.0 <=1.0.3), 1api (>=0.0.1 <=0.0.2) +7063 more potentially affected by CVE-2020-36048 via engine.io (>=0.1.0 <=3.5.0)
engine.io NPM version =0.1.0, =1.0.0, =0.0.1, =0.1.0, =1.0.2, =1.0.0-RC.1, =0.1.0, =1.0.0, =4.11.25, =0.1.4, =0.0.15, =0.0.16 and more Source cves: CVE-2020-36048 Source advisory: OSV:GHSA-J4F2-536G-R55M...
CVE-2020-36048
creationtimestamp| type| source ---|---|--- 2021-01-08 02:40:56+00:00| seen| https://t.me/cibsecurity/21800...
CVE-2020-36048
Engine.IO before 4.0.0 is vulnerable to denial of service via a malformed POST to the long-polling transport. Root cause: improper input validation leading to resource consumption. Impact: DoS with potential high CPU/memory usage. Affected products/versions include Engine.IO prior to 4.0.0. Remed...