58 matches found
EUVD-2019-0221
Malware in sbrugna...
EUVD-2022-7419
Malicious code in bioql PyPI...
EUVD-2022-1064
Malicious code in bioql PyPI...
EUVD-2023-1610
Malicious code in bioql PyPI...
EUVD-2022-0421
Malicious code in bioql PyPI...
CVE-2022-21676
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io...
Security Bulletin: Decision Optimization in IBM Cloud Pak for Data is vulnerable to Engine.IO denial of service (CVE-2023-31125)
Summary Decision Optimization in IBM Cloud Pak for Data is vulnerable to a denial of service of Engine.IO with details below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-31125 DESCRIPTION: Engine.IO is vulnerable to a denial of service, caused by an uncaught...
Critical: Red Hat Security Advisory: Red Hat Fuse 7.12 release and security update
A minor version update from 7.11 to 7.12 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
CVE-2023-31125
A flaw was found in Engine.IO, where it is vulnerable to a denial of service caused by an uncaught exception. This flaw allows an attacker to cause a denial of service by sending a specially crafted HTTP request...
CVE-2023-31125
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the socket.io parent package. Older versions are not impacted. A...
Cross site scripting
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the socket.io parent package. Older versions are not impacted. A...
CVE-2023-31125
Engine.IO in socket.io is affected by an uncaught exception vulnerability that can crash the Node.js process via a specially crafted HTTP request. Affected versions include Engine.IO 5.1.0 and 4.1.0 of the socket.io parent package; older versions are not impacted. The issue is fixed in Engine.IO ...
CVE-2023-31125 Uncaught exception in engine.io
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the socket.io parent package. Older versions are not impacted. A...
CVE-2023-31125 Uncaught exception in engine.io
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the socket.io parent package. Older versions are not impacted. A...
CVE-2023-31125 Uncaught exception in engine.io
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the socket.io parent package. Older versions are not impacted. A...
GHSA-Q9MW-68C2-J6M5 engine.io Uncaught Exception vulnerability
Impact A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. TypeError: Cannot read properties of undefined reading 'handlesUpgrades' at Server.onWebSocket build/server.js:515:67 This impacts all the users of the engine.io...
engine.io Uncaught Exception vulnerability
Impact A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. TypeError: Cannot read properties of undefined reading 'handlesUpgrades' at Server.onWebSocket build/server.js:515:67 This impacts all the users of the engine.io...
PT-2023-23163 · Engine.Io +2 · Engine.Io +2
Content removed...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service due to CVE-2022-41940
Summary Node.js module Engine.IO is used by IBM App Connect Enterprise Certified Container for communication between the DesignerAuthoring web console and the process running the DesignerAuthoring service. IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable...