EPSS Percentile: 64.5%
socket.io-parser is vulnerable to denial of service. A concatenation approach causes ConsOneByteString objects to build up when maxHttpBufferSize is set to a large size.
blog.caller.xyz/socketio-engineio-dos/
github.com/bcaller/kill-engine-io
github.com/socketio/socket.io-parser/commit/dcb942d24db97162ad16a67c2a0cf30875342d55