Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 11:19 a.m.26 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service due to [CVE-2023-32695]

Summary Node.js module Socket.IO is used by IBM App Connect Enterprise Certified Container for updating a DesignerAuthoring webconsole. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service. This bulletin provides patch information to addres...

7.5CVSS7.2AI score0.01059EPSS
Exploits0Affected Software1
Circl
Circl
added 2023/05/27 10:17 p.m.5 views

CVE-2023-32695

creationtimestamp| type| source ---|---|--- 2023-05-27 22:17:55+00:00| seen| https://t.me/cibsecurity/64741...

7.5CVSS7.7AI score0.01059EPSS
Exploits0References1
NVD
NVD
added 2023/05/27 4:15 p.m.22 views

CVE-2023-32695

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.5CVSS7.3AI score0.01059EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/05/27 3:44 p.m.40 views

CVE-2023-32695 Insufficient validation when decoding a Socket.IO packet

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.3CVSS7.7AI score0.01059EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/05/27 3:44 p.m.13 views

CVE-2023-32695 Insufficient validation when decoding a Socket.IO packet

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.3CVSS7.5AI score0.01059EPSS
Exploits0References4
CVE
CVE
added 2023/05/27 3:44 p.m.183 views

CVE-2023-32695

CVE-2023-32695 affects the socket.io-parser component (a Socket.IO encoder/decoder) used with Node.js services. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, causing the Node.js process to crash. A fix has been released in version 4.2.3 of socket....

7.5CVSS7.2AI score0.01059EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2023/05/27 3:44 p.m.31 views

CVE-2023-32695

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

7.5CVSS7.6AI score0.01059EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/05/23 7:55 p.m.6 views

0.edsql (>=1.0.49 <=1.0.50), 10secondsofcode-custom (=1.0.0) +1915 more potentially affected by CVE-2023-32695 via socket.io-parser (>=4.0.5 <=4.2.2)

socket.io-parser NPM version =4.0.5, =1.0.49, =1.0.0, =0.0.28, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =1.0.1, =0.8.2, =1.0.0, =0.1.13, =0.0.4, =0.0.9 and more Source cves: CVE-2023-32695 Source advisory: OSV:GHSA-CQMJ-92XF-R6R9...

7.5CVSS7.1AI score0.01059EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/05/23 7:55 p.m.7 views

@ckeditor/ckeditor-cloud-services-collaboration (>=23.0.0 <=29.0.0), @ckeditor/ckeditor5-real-time-collaboration (>=29.1.0 <=33.0.0) +2 more potentially affected by CVE-2023-32695 via socket.io-parser (=3.4.1)

socket.io-parser NPM version =3.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on socket.io-parser and may be impacted: - @ckeditor/ckeditor-cloud-services-collaboration =23.0.0, =29.1.0, =29.0.0, =1.5.3, =2.1.0 Source cves: CVE-2023-32695 Source...

7.5CVSS7.1AI score0.01059EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/05/23 7:55 p.m.4 views

10cartsharing (>=1.0.0 <=1.0.3), 1api (>=0.0.1 <=0.0.2) +7953 more potentially affected by CVE-2023-32695 via socket.io-parser (>=2.2.2 <=3.3.0)

socket.io-parser NPM version =2.2.2, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =1.0.2, =1.0.1, =2.16.1, =1.0.0-RC.1, =0.1.0, =1.0.1, =1.0.3 and more Source cves: CVE-2023-32695 Source advisory: OSV:GHSA-CQMJ-92XF-R6R9...

7.5CVSS7.2AI score0.01059EPSS
Exploits0
Rows per page
Query Builder