We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
socket.io
Describe the bug A clear and concise description of what the bug is.
The currently used socket.io is ^2.2.0. However this version of socket.io has a DOS vulnerability from their dependency engine.io. GHSA-j4f2-536g-r55m
^2.2.0
engine.io
To Reproduce
See URL above. Install cypress-plugin-snapshots. Notice that engine.io version is vulnerable.
cypress-plugin-snapshots
Expected behavior A clear and concise description of what you expected to happen.
Not vulnerable version of socket.io.
Screenshots If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
The text was updated successfully, but these errors were encountered:
meinaart
No branches or pull requests
Describe the bug
A clear and concise description of what the bug is.
The currently used
socket.io
is^2.2.0
.However this version of
socket.io
has a DOS vulnerability from their dependencyengine.io
. GHSA-j4f2-536g-r55mTo Reproduce
See URL above. Install
cypress-plugin-snapshots
. Notice thatengine.io
version is vulnerable.Expected behavior
A clear and concise description of what you expected to happen.
Not vulnerable version of
socket.io
.Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
The text was updated successfully, but these errors were encountered: