bcaller - Security Researcher - Exploit Intelligence Platform

CVE-2020-36048 WRITEUP HIGH WORKING POC

Socket Engine.io < 4.0.0 - Denial of Service

Engine.IO before 4.0.0 allows attackers to cause a denial of service (resource consumption) via a POST request to the long polling transport.

CVSS 7.5

View Code

CVE-2020-36049 WRITEUP HIGH WORKING POC

Socket.io-parser < 3.4.1 - Resource Allocation Without Limits

socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.

CVSS 7.5

View Code

CVE-2020-36049 WRITEUP HIGH WRITEUP

Socket.io-parser < 3.4.1 - Resource Allocation Without Limits

socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.

CVSS 7.5

View Code