CVE-2020-36049

Uncontrolled Resource Consumption in npm/socket.io-parser

Identifier

CVE-2020-36049

Package Slug

npm/socket.io-parser

Vulnerability

Uncontrolled Resource Consumption

Description

socket.io-parser allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.

Affected Versions

All versions before 3.4.1

Solution

Upgrade to version 3.4.1 or above.

Last Modified

2021-01-13

source