CVE-2020-36049

Опубликовано: 08 янв. 2021

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 7.5

Описание

socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
groovy	ignored	end of life
hirsute	ignored	end of life

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-36049

CVSS3: 7.5

redhat

около 6 лет назад

socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.

CVE-2020-36049

CVSS3: 7.5

nvd

около 5 лет назад

socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.

CVE-2020-36049

CVSS3: 7.5

debian

около 5 лет назад

socket.io-parser before 3.4.1 allows attackers to cause a denial of se ...

GHSA-xfhh-g9f5-x4m4

CVSS3: 7.5

github

больше 4 лет назад

Resource exhaustion in socket.io-parser

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2020-36049

Описание

Пакет node-socket.io-parser

Ссылки на источники

Связанные уязвимости