Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:40697
HistoryMay 26, 2023 - 6:07 a.m.

Denial Of Service (DoS)

2023-05-2606:07:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
denial of service
socket.io
validation
node.js
vulnerability

EPSS

0.003

Percentile

65.4%

socket.io-parser is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to trigger an uncaught exception on the Socket.IO server due to insufficient validation when decoding a Socket.IO packet, causing the application to crash by killing the Node.js process.

EPSS

0.003

Percentile

65.4%