Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/socket.io-parser@3.1.0
Typenpm
Namespace
Namesocket.io-parser
Version3.1.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.3.5
Latest_non_vulnerable_version4.2.6
Affected_by_vulnerabilities
0
url VCID-9r7z-mdtu-s7f4
vulnerability_id VCID-9r7z-mdtu-s7f4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33151.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33151.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33151
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16405
published_at 2026-06-11T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16535
published_at 2026-06-14T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16561
published_at 2026-06-13T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.1655
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33151
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33151
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33151
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/socketio/socket.io
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/socketio/socket.io
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33151
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33151
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131477
reference_id 1131477
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131477
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449789
reference_id 2449789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449789
8
reference_url https://github.com/socketio/socket.io/commit/719f9ebab0772ffb882bd614b387e585c1aa75d4
reference_id 719f9ebab0772ffb882bd614b387e585c1aa75d4
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:50:08Z/
url https://github.com/socketio/socket.io/commit/719f9ebab0772ffb882bd614b387e585c1aa75d4
9
reference_url https://github.com/socketio/socket.io/commit/9d39f1f080510f036782f2177fac701cc041faaf
reference_id 9d39f1f080510f036782f2177fac701cc041faaf
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:50:08Z/
url https://github.com/socketio/socket.io/commit/9d39f1f080510f036782f2177fac701cc041faaf
10
reference_url https://github.com/socketio/socket.io/commit/b25738c416c4e32fbff62ee182afa8f6d0dacf78
reference_id b25738c416c4e32fbff62ee182afa8f6d0dacf78
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:50:08Z/
url https://github.com/socketio/socket.io/commit/b25738c416c4e32fbff62ee182afa8f6d0dacf78
11
reference_url https://github.com/advisories/GHSA-677m-j7p3-52f9
reference_id GHSA-677m-j7p3-52f9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-677m-j7p3-52f9
12
reference_url https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9
reference_id GHSA-677m-j7p3-52f9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:50:08Z/
url https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9
fixed_packages
0
url pkg:npm/socket.io-parser@3.3.5
purl pkg:npm/socket.io-parser@3.3.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@3.3.5
1
url pkg:npm/socket.io-parser@3.4.4
purl pkg:npm/socket.io-parser@3.4.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@3.4.4
2
url pkg:npm/socket.io-parser@4.2.6
purl pkg:npm/socket.io-parser@4.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@4.2.6
aliases CVE-2026-33151, GHSA-677m-j7p3-52f9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9r7z-mdtu-s7f4
1
url VCID-savv-9jgw-7yeq
vulnerability_id VCID-savv-9jgw-7yeq
summary socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36049.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36049.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-36049
reference_id
reference_type
scores
0
value 0.00528
scoring_system epss
scoring_elements 0.67574
published_at 2026-06-11T12:55:00Z
1
value 0.00528
scoring_system epss
scoring_elements 0.67663
published_at 2026-06-12T12:55:00Z
2
value 0.00528
scoring_system epss
scoring_elements 0.67676
published_at 2026-06-13T12:55:00Z
3
value 0.00528
scoring_system epss
scoring_elements 0.67674
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-36049
2
reference_url https://blog.caller.xyz/socketio-engineio-dos
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.caller.xyz/socketio-engineio-dos
3
reference_url https://blog.caller.xyz/socketio-engineio-dos/
reference_id
reference_type
scores
url https://blog.caller.xyz/socketio-engineio-dos/
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36049
5
reference_url https://github.com/bcaller/kill-engine-io
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcaller/kill-engine-io
6
reference_url https://github.com/socketio/socket.io-parser/commit/dcb942d24db97162ad16a67c2a0cf30875342d55
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/socketio/socket.io-parser/commit/dcb942d24db97162ad16a67c2a0cf30875342d55
7
reference_url https://github.com/socketio/socket.io-parser/releases/tag/3.3.2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/socketio/socket.io-parser/releases/tag/3.3.2
8
reference_url https://github.com/socketio/socket.io-parser/releases/tag/3.4.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/socketio/socket.io-parser/releases/tag/3.4.1
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-36049
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-36049
10
reference_url https://www.npmjs.com/package/socket.io-parser
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/socket.io-parser
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1918266
reference_id 1918266
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1918266
12
reference_url https://github.com/advisories/GHSA-xfhh-g9f5-x4m4
reference_id GHSA-xfhh-g9f5-x4m4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xfhh-g9f5-x4m4
fixed_packages
0
url pkg:npm/socket.io-parser@3.3.2
purl pkg:npm/socket.io-parser@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9r7z-mdtu-s7f4
1
vulnerability VCID-vawq-jsk5-n3gq
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@3.3.2
1
url pkg:npm/socket.io-parser@3.4.1
purl pkg:npm/socket.io-parser@3.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9r7z-mdtu-s7f4
1
vulnerability VCID-vawq-jsk5-n3gq
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@3.4.1
aliases CVE-2020-36049, GHSA-xfhh-g9f5-x4m4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-savv-9jgw-7yeq
2
url VCID-vawq-jsk5-n3gq
vulnerability_id VCID-vawq-jsk5-n3gq
summary socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32695
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53888
published_at 2026-06-11T12:55:00Z
1
value 0.00302
scoring_system epss
scoring_elements 0.54031
published_at 2026-06-13T12:55:00Z
2
value 0.00302
scoring_system epss
scoring_elements 0.54014
published_at 2026-06-12T12:55:00Z
3
value 0.0035
scoring_system epss
scoring_elements 0.58001
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32695
1
reference_url https://github.com/socketio/socket.io-parser
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/socketio/socket.io-parser
2
reference_url https://github.com/socketio/socket.io-parser/commit/1c220ddbf45ea4b44bc8dbf6f9ae245f672ba1b9
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/socketio/socket.io-parser/commit/1c220ddbf45ea4b44bc8dbf6f9ae245f672ba1b9
3
reference_url https://github.com/socketio/socket.io-parser/commit/ee006607495eca4ec7262ad080dd3a91439a5ba4
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/socketio/socket.io-parser/commit/ee006607495eca4ec7262ad080dd3a91439a5ba4
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-32695
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-32695
5
reference_url https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced
reference_id 2dc3c92622dad113b8676be06f23b1ed46b02ced
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-13T21:03:23Z/
url https://github.com/socketio/socket.io-parser/commit/2dc3c92622dad113b8676be06f23b1ed46b02ced
6
reference_url https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3
reference_id 3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-13T21:03:23Z/
url https://github.com/socketio/socket.io-parser/commit/3b78117bf6ba7e99d7a5cfc1ba54d0477554a7f3
7
reference_url https://github.com/socketio/socket.io-parser/releases/tag/4.2.3
reference_id 4.2.3
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-13T21:03:23Z/
url https://github.com/socketio/socket.io-parser/releases/tag/4.2.3
8
reference_url https://github.com/advisories/GHSA-cqmj-92xf-r6r9
reference_id GHSA-cqmj-92xf-r6r9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cqmj-92xf-r6r9
9
reference_url https://github.com/socketio/socket.io-parser/security/advisories/GHSA-cqmj-92xf-r6r9
reference_id GHSA-cqmj-92xf-r6r9
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-13T21:03:23Z/
url https://github.com/socketio/socket.io-parser/security/advisories/GHSA-cqmj-92xf-r6r9
fixed_packages
0
url pkg:npm/socket.io-parser@3.3.4
purl pkg:npm/socket.io-parser@3.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9r7z-mdtu-s7f4
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@3.3.4
1
url pkg:npm/socket.io-parser@3.4.3
purl pkg:npm/socket.io-parser@3.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9r7z-mdtu-s7f4
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@3.4.3
2
url pkg:npm/socket.io-parser@4.2.3
purl pkg:npm/socket.io-parser@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9r7z-mdtu-s7f4
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@4.2.3
aliases CVE-2023-32695, GHSA-cqmj-92xf-r6r9
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vawq-jsk5-n3gq
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/socket.io-parser@3.1.0