CVE-2020-36049
Uncontrolled Resource Consumption in npm/socket.io-parser
Identifiers
CVE-2020-36049
Package Slug
npm/socket.io-parser
Vulnerability
Uncontrolled Resource Consumption
Description
socket.io-parser allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
Affected Versions
All versions before 3.4.1
Solution
Upgrade to version 3.4.1 or above.
Last Modified
2021-01-13
| source |