Sourced from socket.io-parser's releases.
4.2.3
:warning: This release contains an important security fix :warning:
A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:
TypeError: Cannot convert object to primitive value at Socket.emit (node:events:507:25) at .../node_modules/socket.io/lib/socket.js:531:14
Please upgrade as soon as possible.
Bug Fixes
- check the format of the event name (3b78117)
Links
Sourced from socket.io-parser's changelog.
4.2.3 (2023-05-22)
Bug Fixes
- check the format of the event name (3b78117)