14 matches found
CVE-2022-21667
soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with t...
Soketi was exposed to Sandbox Escape vulnerability via vm2
Impact What kind of vulnerability is it? Who is impacted? Anyone who might have used Soketi with the cluster driver or through PM2. Patches Has the problem been patched? What versions should users upgrade to? Get the latest version of Soketi. Workarounds Is there a way for users to fix or remedia...
GHSA-G6W6-H933-4RC5 Soketi was exposed to Sandbox Escape vulnerability via vm2
Impact What kind of vulnerability is it? Who is impacted? Anyone who might have used Soketi with the cluster driver or through PM2. Patches Has the problem been patched? What versions should users upgrade to? Get the latest version of Soketi. Workarounds Is there a way for users to fix or remedia...
soketi denial of service vulnerability
soketi is a C application ported to Node.js. soketi suffers from a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited by attackers to cause a denial of service in the application...
Denial Of Service (DoS)
@soketi/soketi is vulnerable to denial of service. The vulnerability that exists in the server function in server,ts file does not properly handle the endpoint value in dynamodb allowing an attacker to crash the application...
CVE-2022-21667
soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with t...
Design/Logic Flaw
soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with t...
soketi 安全漏洞
soketi is a C application ported to Node.js. soketi suffers from a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited by attackers to cause a denial of service in the application...
GHSA-86CH-6W7V-V6XF Denial of Service in soketi
Impact What kind of vulnerability is it? Who is impacted? There was a wrong behavior when reading POST requests, making the server crash if it couldn't read the body. In case a POST request was sent to any endpoint of the server with an empty body, even unauthenticated with the Pusher Protocol, i...
Denial of Service in soketi
Impact What kind of vulnerability is it? Who is impacted? There was a wrong behavior when reading POST requests, making the server crash if it couldn't read the body. In case a POST request was sent to any endpoint of the server with an empty body, even unauthenticated with the Pusher Protocol, i...
CVE-2022-21667 Denial of Service in soketi
soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with t...
CVE-2022-21667 Denial of Service in soketi
soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with t...
CVE-2022-21667
The vulnerability CVE-2022-21667 affects soketi, an open‑source WebSockets server. An unhandled case when reading POST requests with an empty body can crash the server, even for unauthenticated clients using the Pusher Protocol. All users are affected; there are no workarounds and upgrading is re...
CVE-2022-21667 Denial of Service in soketi
soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with t...