CVE-2023-32695: Insufficient validation when decoding a Socket.IO packet
(updated )
Impact
A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process.
References
Detect and mitigate CVE-2023-32695 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →