NodeJS/sockjs/0.3.7
SockJS-node is a server counterpart of SockJS-client a JavaScript library that provides a WebSocket-like object in the browser. SockJS gives you a coherent, cross-browser, Javascript API which creates a low latency, full duplex, cross-domain communication
https://www.npmjs.com/package/sockjs
MIT
1 Security Vulnerabilities
Improper Input Validation in SocksJS-Node
Published date: 2021-04-13T15:27:51Z
CVE: CVE-2020-7693
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2020-7693
- https://github.com/advisories/GHSA-c9g6-9335-x697
- https://github.com/sockjs/sockjs-node/issues/252
- https://github.com/sockjs/sockjs-node/pull/265
- https://github.com/sockjs/sockjs-node/commit/dd7e642cd69ee74385825816d30642c43e051d16
- https://github.com/andsnw/sockjs-dos-py
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-575448
- https://snyk.io/vuln/SNYK-JS-SOCKJS-575261
- https://www.npmjs.com/package/sockjs
Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20.
Affected versions:
["0.0.0-rc1", "0.0.0-rc2", "0.0.1", "0.0.2", "0.0.3", "0.0.4", "0.0.5", "0.1.0", "0.1.1", "0.1.2", "0.2.0", "0.2.1", "0.3.0", "0.3.1", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", "0.3.10", "0.3.11", "0.3.12", "0.3.13", "0.3.14", "0.3.15", "0.3.16", "0.3.17", "0.3.18", "0.3.19"]
Secure versions:
[0.3.20, 0.3.21, 0.3.22, 0.3.23, 0.3.24]
Recommendation:
Update to version 0.3.24.
36 Other Versions
Version | License | Security | Released | |
---|---|---|---|---|
0.0.0-rc1 | MIT | 2 | 2011-08-11 - 16:17 | almost 13 years |
0.0.0-rc2 | MIT | 2 | 2011-08-11 - 16:38 | almost 13 years |
0.0.1 | MIT | 2 | 2011-08-17 - 15:45 | over 12 years |
0.0.2 | MIT | 2 | 2011-08-19 - 17:07 | over 12 years |
0.0.3 | MIT | 2 | 2011-08-31 - 14:50 | over 12 years |
0.0.4 | MIT | 2 | 2011-09-07 - 14:28 | over 12 years |
0.0.5 | MIT | 2 | 2011-10-17 - 10:39 | over 12 years |
0.1.0 | MIT | 2 | 2011-10-26 - 10:57 | over 12 years |
0.1.1 | MIT | 2 | 2011-11-18 - 16:31 | over 12 years |
0.1.2 | MIT | 2 | 2011-12-06 - 16:16 | over 12 years |
0.2.0 | MIT | 2 | 2012-01-18 - 16:07 | over 12 years |
0.2.1 | MIT | 2 | 2012-02-13 - 14:23 | about 12 years |
0.3.0 | MIT | 1 | 2012-04-02 - 11:25 | about 12 years |
0.3.1 | MIT | 1 | 2012-04-24 - 15:58 | about 12 years |
0.3.3 | MIT | 1 | 2012-09-27 - 15:18 | over 11 years |
0.3.4 | MIT | 1 | 2012-11-15 - 14:39 | over 11 years |
0.3.5 | MIT | 1 | 2012-12-14 - 12:35 | over 11 years |
0.3.6 | MIT | 1 | 2013-04-30 - 20:19 | about 11 years |
0.3.7 | MIT | 1 | 2013-04-30 - 20:29 | about 11 years |
0.3.8 | MIT | 1 | 2013-10-12 - 17:28 | over 10 years |
0.3.9 | MIT | 1 | 2014-05-22 - 01:47 | almost 10 years |
0.3.10 | MIT | 1 | 2014-10-24 - 21:27 | over 9 years |
0.3.11 | MIT | 1 | 2014-11-10 - 23:29 | over 9 years |
0.3.12 | MIT | 1 | 2015-01-06 - 00:46 | over 9 years |
0.3.13 | MIT | 1 | 2015-02-26 - 15:49 | about 9 years |
0.3.14 | MIT | 1 | 2015-03-05 - 22:40 | about 9 years |
0.3.15 | MIT | 1 | 2015-03-11 - 15:59 | about 9 years |
0.3.16 | MIT | 1 | 2016-03-23 - 17:34 | about 8 years |
0.3.17 | MIT | 1 | 2016-04-29 - 16:36 | about 8 years |
0.3.18 | MIT | 1 | 2016-09-26 - 15:36 | over 7 years |
0.3.19 | MIT | 1 | 2017-10-12 - 16:23 | over 6 years |
0.3.20 | MIT | 2020-03-09 - 19:54 | about 4 years | |
0.3.21 | MIT | 2020-07-31 - 03:12 | almost 4 years | |
0.3.22 | MIT | 2021-12-03 - 00:46 | over 2 years | |
0.3.23 | MIT | 2021-12-03 - 01:45 | over 2 years | |
0.3.24 | MIT | 2021-12-03 - 01:50 | over 2 years |