Vulnerable Package issue exists @ Npm-socket.io-parser-4.0.5 in branch main
A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue affects socket.io-parser versions 3.1.3 prior to 3.4.3, and 4.0.0 prior 4.2.3
Vulnerable Package issue exists @ Npm-socket.io-parser-4.0.5 in branch main
A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue affects socket.io-parser versions 3.1.3 prior to 3.4.3, and 4.0.0 prior 4.2.3
Namespace: westonphillips Repository: CheckmarxOnePOV Repository Url: https://github.com/westonphillips/CheckmarxOnePOV CxAST-Project: westonphillips/CheckmarxOnePOV CxAST platform scan: 6a8170d0-38fa-4efc-81df-42628474102c Branch: main Application: CheckmarxOnePOV Severity: HIGH State: NOT_IGNORED Status: RECURRENT CWE: CWE-248
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: HIGH
References Advisory Commit Commit