socket.io-parser icon indicating copy to clipboard operation
socket.io-parser copied to clipboard

Published 20 hours ago verified publisher icon socketio

Insufficient Validation When Decoding A Socket.IO Packet In Socket.Io-Parser

Open ankitdn opened this issue 1 year ago • 1 comments
trafficstars

Describe the bug While scanning my node.js application's manifest file using Vulert.com for vulnerability checks, I identified an issue associated with your package.

Reference Upon conducting a vulnerability scan, the following references were identified: Vulert Scan Report: Vulert Report CVE Reference: CVE-2023-32695

ankitdn avatar Feb 04 '24 16:02 ankitdn

This issue was fixed in [email protected]. Could you please update the version of your socket.io and/or socket.io-client packages?

Reference: https://github.com/advisories/GHSA-cqmj-92xf-r6r9

darrachequesne avatar Feb 05 '24 09:02 darrachequesne

I think this can be closed now. Please reopen if needed.

darrachequesne avatar Jun 25 '24 20:06 darrachequesne