Vulnerabilities > Socket > Engine IO > 3.4.0

DATE CVE VULNERABILITY TITLE RISK
2022-11-22 CVE-2022-41940 Uncaught Exception vulnerability in Socket Engine.Io
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO.
network
low complexity
socket CWE-248
6.5
6.5
2021-01-08 CVE-2020-36048 Resource Exhaustion vulnerability in Socket Engine.Io
Engine.IO before 4.0.0 allows attackers to cause a denial of service (resource consumption) via a POST request to the long polling transport.
network
low complexity
socket CWE-400
5.0
5.0