3 matches found
CVE-2022-2421
CVE-2022-2421: The vulnerability arises from improper type validation in the Socket.io attachment parsing, allowing overwriting of the _placeholder object and potentially placing function references in the resulting query object. In IBM App Connect Enterprise Certified Container, this could enab...
CVE-2020-36049
CVE-2020-36049 affects socket.io-parser; before version 3.4.1 it allows memory exhaustion/DoS via a large packet due to the library’s concatenation approach. The affected component is socket.io-parser (used with socket.io). The issue results in elevated memory usage and potential denial of service un...
CVE-2026-33151
CVE-2026-33151 affects Socket.IO. In affected releases (prior to 3.3.5, 3.4.4, and 4.2.6) a crafted Socket.IO packet can cause the server to buffer a large number of binary attachments, potentially exhausting memory. The vulnerability is patched in 3.3.5, 3.4.4, and 4.2.6. Some connected IBM bull...