VYPR

Socket.io Parser

by Io Socket SSL

Source repositories

CVEs (1)

  • CVE-2022-2421CriOct 26, 2022
    risk 0.58cvss 10.0epss 0.01

    Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object.