socket.io-parser is vulnerable to denial of service. The vulnerability exists due to the building up of ConsOneByteString
objects caused by a concatenation approach when maxHttpBufferSize is set to a large size.
CPE | Name | Operator | Version |
---|---|---|---|
socket.io-parser | le | 3.4.1 | |
socket.io-parser | le | 4.0.2 |