Socket Socket.io

2 CVEs affecting Socket Socket.io. Latest disclosed: 2021-01-19. Critical: 0, High: 1.

Top CVEs affecting Socket Socket.io
CVESeverityScorePublishedSummary
CVE-2017-16031High7.52018-06-04Socket.io is a realtime application framework that provides communication via websockets. Because socket.io 0.9.6 and earlier depends on `Math.random()` to cre…
CVE-2020-28481Medium5.32021-01-19The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.