NextGuard
UNKNOWNCVE-2020-36048

Resource exhaustion in engine.io

Platform

nodejs

Component

engine.io

Fixed in

3.6.0

View on NVD

Engine.IO before 4.0.0 and 3.6.0 allows attackers to cause a denial of service (resource consumption) via a POST request to the long polling transport.

How to fix

Actualice la biblioteca Engine.IO a la versión 4.0.0 o superior. Esto corrige la vulnerabilidad de denegación de servicio causada por el consumo excesivo de recursos mediante solicitudes POST al transporte de long polling.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2020-36048 — Vulnerability Details | NextGuard | NextGuard