EPSS
Percentile
64.5%
The socket.io-parser npm package before versions 3.3.2 and 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
socket.io-parser
Upgrade to versions 3.3.2, 3.4.1 or later