5 matches found
EUVD-2022-6512
Malicious code in bioql PyPI...
MAL-2022-6199 Malicious code in socket.ioo-cient (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07f01ed54db7c593f762bbcdbd2efed41f85c33c880ea63476c04a699db7c23b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Null pointer dereference
The package io.socket:socket.io-client before 2.0.1 are vulnerable to NULL Pointer Dereference when parsing a packet with with invalid payload format...
CVE-2022-25867
CVE-2022-25867 affects io.socket:socket.io-client (Java) pre-2.0.1. A NULL pointer dereference when parsing a packet with an invalid payload format can lead to denial of service. NVD lists a base score of 7.5 HIGH (NETWORK, low complexity, no user interaction). Public details confirm the issue in...
PT-2022-17577 · Unknown · Io.Socket:Socket.Io-Client
Name of the Vulnerable Software and Affected Versions: io.socket:socket.io-client versions prior to 2.0.1 Description: The issue is related to a NULL Pointer Dereference that occurs when parsing a packet with an invalid payload format. This can happen in the io.socket:socket.io-client package...