Socket - Socket.io CVE

Filtered by vendor Socket Subscribe

Filtered by product Socket.io

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-28481	1 Socket	1 Socket.io	2021-01-28	4.0 MEDIUM	4.3 MEDIUM
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.

Vulnerabilities (CVE)