Vulnerabilities > Socket > Socket IO

DATE CVE VULNERABILITY TITLE RISK
2021-01-19 CVE-2020-28481 Origin Validation Error vulnerability in Socket Socket.Io
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration.
network
low complexity
socket CWE-346
4.3
4.3
2018-06-04 CVE-2017-16031 Use of Insufficiently Random Values vulnerability in Socket Socket.Io
Socket.io is a realtime application framework that provides communication via websockets.
network
low complexity
socket CWE-330
7.5
7.5