Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

socket.io-parser

Ecosystem:
npm
Package URL:
pkg:npm/socket.io-parser
Total PRs:
282 Dependabot PRs
Latest PR:
3 days ago
Unique Repositories:
233 repositories
Unique Repos (30 days):
33 repositories
Security Advisories
Resource exhaustion in socket.io-parser
GHSA-xfhh-g9f5-x4m4 CVE-2020-36049 HIGH published about 4 years ago • updated 3 months ago
The `socket.io-parser` npm package before versions 3.3.2 and 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large p...
Insufficient validation when decoding a Socket.IO packet
GHSA-qm95-pgcg-qqfq CVE-2022-2421 CRITICAL published almost 3 years ago • updated 26 days ago
Due to improper type validation in the `socket.io-parser` library (which is used by the `socket.io` and `socket.io-client` packages to encode and d...
Insufficient validation when decoding a Socket.IO packet
GHSA-cqmj-92xf-r6r9 CVE-2023-32695 MODERATE published over 2 years ago • updated 3 months ago
### Impact A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. ``` ...
Recent PRs (filtered by: Merged , Major PRs )
RSS Feed Clear filter
Bump socket.io-parser and socket.io-client in /frontend

kiliankoe/gptdash #14

2.3.1 → 4.2.4 Major PR
Merged 30 days ago
kiliankoe
Bump socket.io-parser and karma

jenny86520/akaSchool #60

3.2.0 → 4.2.4 Major PR
Merged 2 months ago 9 comments
jenny86520
Bump socket.io-parser and karma

cxlet/game-of-life #47

2.3.1 → 4.2.4 Major PR
Merged 3 months ago
cxlet
Bump socket.io-parser and browser-sync

michaelnunn3/Portfolio #26

3.2.0 → 4.2.4 Major PR
Merged 4 months ago
michaelnunn3
build(deps): bump socket.io-parser and browser-sync

Marlborough-School/stem_website #6

3.1.2 → 4.2.4 Major PR
Merged 4 months ago
Marlborough-School
Bump socket.io-parser and karma in /assets/template/bootstrap

melgar1992/sistema-ganadero-recria #38

3.2.0 → 4.2.4 Major PR
Merged about 1 year ago
melgar1992
Package Details
Name: socket.io-parser
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/socket.io-parser
JSON API: View JSON
Security Advisories

3

Active advisories
CRITICAL 1
HIGH 1
MODERATE 1
View All npm Advisories
Package Information
Description:

socket.io protocol parser

Repository: https://github.com/Automattic/socket.io-parser
Homepage: https://github.com/Automattic/socket.io-parser#readme
Latest Release: 4.2.4
over 2 years ago
Dependent Repos: 1,259,292
Dependent Packages: 303
Downloads: 44,217,820
Ranking: Top 0.0276% by dependent repos Top 0.0459% by downloads Top 0.1696% by dependent pkgs
PR Status
Open 132 (46.8%)
Merged 38 (13.5%)
Closed 84 (29.8%)
PR Types
Minor 55 (19.5%)
Major 77 (27.3%)
Patch 120 (42.6%)