Vulnerability	Vulnerable Version
H Denial of Service (DoS) engine.io is a realtime engine behind Socket.IO. It provides the foundation of a bidirectional connection between client and server Affected versions of this package are vulnerable to Denial of Service (DoS). A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the `Node.js` process. How to fix Denial of Service (DoS)? Upgrade `engine.io` to version 3.6.1, 6.2.1 or higher.	<3.6.1>=4.0.0 <6.2.1
H Denial of Service (DoS) engine.io is a realtime engine behind Socket.IO. It provides the foundation of a bidirectional connection between client and server Affected versions of this package are vulnerable to Denial of Service (DoS) via a POST request to the long polling transport. How to fix Denial of Service (DoS)? Upgrade `engine.io` to version 3.6.0 or higher.	<3.6.0
M Denial of Service (DoS) `engine.io` is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. It provides the foundation of a bidirectional connection between client and server. Affected versions of the package are vulnerable to Denial of Service (DoS) by sending many upgrade events. A client could possibly create a lot of intervals without the old ones having a chance of being cleared. How to fix Denial of Service (DoS)? Upgrade `engine.io` to version 1.0.0 or higher.	<1.0.0

Go back to all versions of this package