CVE-2020-36048

Uncontrolled Resource Consumption in npm/engine.io

Identifiers

CVE-2020-36048

Package Slug

npm/engine.io

Vulnerability

Uncontrolled Resource Consumption

Description

engine.iO allows attackers to cause a denial of service (resource consumption) via a POST request to the long polling transport.

Affected Versions

All versions before 4.0.0

Solution

Upgrade to version 4.0.0 or above.

Last Modified

2021-01-13

source