CVE-2022-25867

Summary

The package io.socket:socket.io-client before 2.0.1 are vulnerable to NULL Pointer Dereference when parsing a packet with with invalid payload format.

Affected Software

VendorProductVersion RangeStatus
n/aio.socket:socket.io-clientunspecified < 2.0.1affected

Weaknesses

  • NULL Pointer Dereference

ADP Enrichment

CVE Program Container

Additional References

References