VYPR

npm package

engine.io-client

pkg:npm/engine.io-client

Vulnerabilities (1)

  • CVE-2016-10536MedMay 31, 2018
    affected < 1.6.9fixed 1.6.9

    engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the way that node.js handles the `rejectUnauthorized` setting. If the value is someth