23 matches found
OPENSUSE-SU-2026:11170-1 python311-python-engineio-4.13.3-1.1 on GA media
These are all security issues fixed in the python311-python-engineio-4.13.3-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:21182-1 Security update for python-python-engineio
This update for python-python-engineio fixes the following issues: Changes in python-python-engineio: - CVE-2026-48802: remote user can cause the creation of unnecessary background threads in the server through the heartbeat mechanism and cause a DoS bsc1269544 - CVE-2026-48809: size of incoming...
ROOT-APP-NPM-CVE-2022-41940 CVE-2022-41940 in @rootio/engine.io - Patched by Root
Root has patched CVE-2022-41940 in the @rootio/engine.io package for Root:npm. Multiple fixed versions available...
EUVD-2019-0113
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-13611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket...
CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
Fedora 38 : python-engineio (2022-8ca9330e57)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8ca9330e57 advisory. Automatic update for python-engineio-4.3.4-2.fc38. Changelog Thu Sep 15 2022 Benjamin A. Beasley 4.3.4-2 - Dont ship package-lock.json files with the example...
OPENSUSE-SU-2024:14157-1 python310-python-engineio-4.3.4-3.3 on GA media
These are all security issues fixed in the python310-python-engineio-4.3.4-3.3 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11260-1 python36-python-engineio-4.2.0-1.2 on GA media
These are all security issues fixed in the python36-python-engineio-4.2.0-1.2 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
python-engineio vulnerable to Cross-Site Request Forgery (CSRF)
WebSocket cross-origin vulnerability Impact This is a Cross-Site Request Forgery CSRF vulnerability. It affects Socket.IO and Engine.IO web servers that authenticate clients using cookies. Patches python-engineio version 3.9.0 patches this vulnerability by adding server-side Origin header checks...
CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
DEBIAN-CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
PYSEC-2019-170
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
UBUNTU-CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
PYSEC-2019-170
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
Cross site scripting
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...
CVE-2019-13611
An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted...