python-engineio@1.2.1 vulnerabilities
Engine.IO server and client for Python
-
latest version
4.9.0
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
3 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the python-engineio package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
python-engineio is a Python implementation of the Engine.IO realtime client and server. Affected versions of this package are vulnerable to Cross-Site WebSocket Hijacking (CSWSH). An attackers can make WebSocket connections to a server by using a victim's credentials, because the How to fix Cross-Site WebSocket Hijacking (CSWSH)? Upgrade |
[,3.9.0)
|