2 matches found
CVE-2022-41940
CVE-2022-41940 affects Engine.IO, the transport layer used by Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, causing the Node.js process to crash and resulting in a denial of service. Affected are Engine.IO versions prior to patches released...
CVE-2022-21676
CVE-2022-21676 affects Engine.IO (used by Socket.IO) andCan trigger an uncaught exception on the Engine.IO server via a specially crafted HTTP request, crashing the Node.js process. Impact starts with engine.io version 4.0.0; versions prior to 4.0.0 are not affected. Patches are released per majo...