Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:33624
HistoryJan 13, 2022 - 9:39 a.m.

Denial Of Service (DoS)

2022-01-1309:39:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
engine.io vulnerability
denial of service attack
uncaught exception
onwebsocket function
http request
remote attacker
node.js process

EPSS

0.004

Percentile

73.9%

engine.io is vulnerable to denial of service (DoS) attacks. A remote attacker is able to cause denial of service conditions by ending the node.js process using a specially crafted HTTP request to trigger an uncaught exception in onWebSocket function.

EPSS

0.004

Percentile

73.9%

Related for VERACODE:33624