10cartsharing (>=1.0.0 <=1.0.3), 1api (>=0.0.1 <=0.0.2) +7960 more potentially affected by CVE-2026-33151 via socket.io-parser (>=2.2.2 <=3.3.4)

socket.io-parser NPM version =2.2.2, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =1.0.2, =1.0.1, =2.16.1, =1.0.0-RC.1, =0.1.0, =1.0.1, =1.0.3 and more Source cves: CVE-2026-33151 Source advisory: OSV:GHSA-677M-J7P3-52F9...

org.webjars.npm:browser-sync-ui (=2.27.11), org.webjars.npm:nestjs__platform-socket.io (=9.0.0-next.2) +3 more potentially affected by CVE-2026-33151 via org.webjars.npm:socket.io-parser (>=2.3.1 <=4.2.5)

org.webjars.npm:socket.io-parser MAVEN version =2.3.1, =0.3.1, =0.5.0 - org.webjars.npm:socket.io-client =4.8.3 Source cves: CVE-2026-33151 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15680279...

ROOT-APP-NPM-CVE-2023-32695 CVE-2023-32695 in @rootio/socket.io-parser - Patched by Root

Root has patched CVE-2023-32695 in the @rootio/socket.io-parser package for Root:npm. Multiple fixed versions available...

Linux Distros Unpatched Vulnerability : CVE-2020-36049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - socket.io-parser before 3.4.1 allows attackers to cause a denial of service memory consumption via a large packet because a concatenation approach is used...

CVE-2023-32695

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

@ckeditor/ckeditor-cloud-services-collaboration (>=23.0.0 <=29.0.0), @ckeditor/ckeditor5-real-time-collaboration (>=29.1.0 <=33.0.0) +2 more potentially affected by CVE-2023-32695 via socket.io-parser (=3.4.1)

socket.io-parser NPM version =3.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on socket.io-parser and may be impacted: - @ckeditor/ckeditor-cloud-services-collaboration =23.0.0, =29.1.0, =29.0.0, =1.5.3, =2.1.0 Source cves: CVE-2023-32695 Source...

PT-2023-23969 · Npm +1 · Socket.Io-Parser +2

Content removed...

socket.io (>=3.0.0-rc1 <=3.0.0-rc4), socket.io-client (>=3.0.0-rc1 <=3.0.0-rc4) potentially affected by CVE-2022-2421 via socket.io-parser (>=4.0.1-rc1 <=4.0.1-rc3)

socket.io-parser NPM version =4.0.1-rc1, =3.0.0-rc1, =3.0.0-rc1, =3.0.0-rc4 Source cves: CVE-2022-2421 Source advisory: OSV:GHSA-QM95-PGCG-QQFQ...

10cartsharing (>=1.0.0 <=1.0.3), 1api (>=0.0.1 <=0.0.2) +7956 more potentially affected by CVE-2022-2421 via socket.io-parser (>=2.2.2 <=3.3.0)

socket.io-parser NPM version =2.2.2, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =1.0.2, =1.0.1, =2.16.1, =1.0.0-RC.1, =0.1.0, =1.0.1, =1.0.3 and more Source cves: CVE-2022-2421 Source advisory: OSV:GHSA-QM95-PGCG-QQFQ...

@ckeditor/ckeditor-cloud-services-collaboration (>=23.0.0 <=29.0.0), @ckeditor/ckeditor5-real-time-collaboration (>=29.1.0 <=33.0.0) +2 more potentially affected by CVE-2022-2421 via socket.io-parser (=3.4.1)

socket.io-parser NPM version =3.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on socket.io-parser and may be impacted: - @ckeditor/ckeditor-cloud-services-collaboration =23.0.0, =29.1.0, =29.0.0, =1.5.3, =2.1.0 Source cves: CVE-2022-2421 Source...

10cartsharing (>=1.0.0 <=1.0.3), 1api (>=0.0.1 <=0.0.2) +7956 more potentially affected by CVE-2020-36049 via socket.io-parser (>=2.2.2 <=3.3.0)

socket.io-parser NPM version =2.2.2, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =1.0.2, =1.0.1, =2.16.1, =1.0.0-RC.1, =0.1.0, =1.0.1, =1.0.3 and more Source cves: CVE-2020-36049 Source advisory: OSV:GHSA-XFHH-G9F5-X4M4...

AZL-45030 CVE-2020-36049 affecting package js-jquery 3.5.0-4

socket.io-parser before 3.4.1 allows attackers to cause a denial of service memory consumption via a large packet because a concatenation approach is used...

CVE-2020-36049

socket.io-parser before 3.4.1 allows attackers to cause a denial of service memory consumption via a large packet because a concatenation approach is used...