Vulnerabilities > Socket > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-08 CVE-2023-31125 Unspecified vulnerability in Socket Engine.Io
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO.
network
low complexity
socket
6.5
2022-11-22 CVE-2022-41940 Unspecified vulnerability in Socket Engine.Io
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO.
network
low complexity
socket
6.5
2021-01-19 CVE-2020-28481 Origin Validation Error vulnerability in Socket Socket.Io
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration.
network
low complexity
socket CWE-346
4.3
2018-05-31 CVE-2016-10536 Improper Certificate Validation vulnerability in Socket Engine.Io-Client
engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO.
network
high complexity
socket CWE-295
5.9