Lucene search
K

11 matches found

OSV
OSV
added 2026/06/26 8:48 p.m.2 views

GHSA-M9GH-VJ53-GVH9 python-engineio has possible denial of service due to maximum payload size sometimes not being enforced

Impact There are two specific configurations of the python-engineio server in which the size of incoming messages is not checked before the messages are loaded into memory. An attacker can take advantage of these to cause unnecessary memory allocations in the python-engineio server. The two cases...

7.5CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-53020

Name of the Vulnerable Software and Affected Versions python-engineio versions prior to 4.13.2 Description Two specific configurations of the server fail to verify the size of incoming messages before loading them into memory, which can lead to excessive memory allocations. This occurs during POS...

7.5CVSS5.8AI score
Exploits0References13
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

phoenix 安全漏洞

Phoenix is a web development framework developed under the Phoenix framework open source project. Versions of Phoenix from 1.7.0 to 1.7.22, as well as 1.8.6, have security vulnerabilities. These vulnerabilities stem from the unlimited resource allocation during the processing of NDJSON data...

8.7CVSS5.8AI score0.00469EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1064

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.03237EPSS
Exploits1References6
OSV
OSV
added 2022/02/09 10:29 p.m.23 views

GHSA-J4F2-536G-R55M Resource exhaustion in engine.io

Engine.IO before 4.0.0 and 3.6.0 allows attackers to cause a denial of service resource consumption via a POST request to the long polling transport...

7.5CVSS7.2AI score0.03237EPSS
Exploits1References6
NVD
NVD
added 2021/01/08 12:15 a.m.13 views

CVE-2020-36048

Engine.IO before 4.0.0 allows attackers to cause a denial of service resource consumption via a POST request to the long polling transport...

7.5CVSS7.3AI score0.03237EPSS
Exploits1References3
OSV
OSV
added 2021/01/08 12:15 a.m.14 views

CVE-2020-36048

Engine.IO before 4.0.0 allows attackers to cause a denial of service resource consumption via a POST request to the long polling transport...

7.5CVSS7AI score
Exploits0References3
Prion
Prion
added 2021/01/08 12:15 a.m.10 views

Design/Logic Flaw

Engine.IO before 4.0.0 allows attackers to cause a denial of service resource consumption via a POST request to the long polling transport...

5CVSS7.2AI score0.03237EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/01/08 12:15 a.m.3 views

CVE-2020-36048

Engine.IO before 4.0.0 allows attackers to cause a denial of service resource consumption via a POST request to the long polling transport...

7.5CVSS5.4AI score0.03237EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/01/07 11:24 p.m.19 views

CVE-2020-36048

Engine.IO before 4.0.0 allows attackers to cause a denial of service resource consumption via a POST request to the long polling transport...

7.3AI score0.03237EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/01/07 12:0 a.m.11 views

Socketio Engineio Resource Management Error Vulnerability

Socketio Engineio is a Javascript-based real-time engine for bi-directional communication between browsers and devices from the Socketio community. A security vulnerability exists in Socketio Engine.IO before 4.0.0, which can be exploited by an attacker to cause a denial of service resource...

7.5CVSS7.1AI score0.03237EPSS
Exploits1References4
Rows per page
Query Builder