CVE-2023-32695 @ Npm-socket.io-parser-4.0.5

**Vulnerable Package** issue exists @ **Npm\-socket.io\-parser\-4.0.5** in branch **main**

A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue affects socket.io-parser versions 3.1.3 prior to 3.4.3, and 4.0.0 prior 4.2.3

**Namespace:** westonphillips
**Repository:** CheckmarxOnePOV
**Repository Url:** https://github.com/westonphillips/CheckmarxOnePOV
**CxAST\-Project:** westonphillips/CheckmarxOnePOV
**CxAST platform scan:** [6a8170d0\-38fa\-4efc\-81df\-42628474102c](https://ast.checkmarx.net/projects/3cff8712-758c-4ce1-a688-3efc7bdda2d9/scans?id=6a8170d0-38fa-4efc-81df-42628474102c&branch=main)
**Branch:** main
**Application:** CheckmarxOnePOV
**Severity:** HIGH
**State:** NOT_IGNORED
**Status:** RECURRENT
**CWE:** CWE-248


----
**Additional Info**
**Attack vector:** NETWORK
**Attack complexity:** LOW
**Confidentiality impact:** NONE
**Availability impact:** HIGH


----
**References**
[Advisory](https://github.com/advisories/GHSA-cqmj-92xf-r6r9)
[Commit](https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3)
[Commit](https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2023-32695 @ Npm-socket.io-parser-4.0.5 #175

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

CVE-2023-32695 @ Npm-socket.io-parser-4.0.5 #175

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions