File restriction bypass in socket.io-file

High severity GitHub Reviewed Published Oct 2, 2020 to the GitHub Advisory Database • Updated Jan 9, 2023

Package

npm socket.io-file (npm)

Affected versions

<= 2.0.31

Patched versions

None

Description

All versions of socket.io-file are vulnerable to a file restriction bypass. Validation of permitted file types is performed only on the client side, so an attacker can intercept the WebSocket request after that validation has run and alter the name value to upload any file type.

No fix is currently available. Consider using an alternative package until a fix is made available.

References

Last updated Jan 9, 2023
Published to the GitHub Advisory Database Oct 2, 2020
Reviewed Oct 2, 2020

Severity

High, 7.8 / 10

CVSS base metrics

Attack vector: Local
Attack complexity: Low
Privileges required: None
User interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-6495-8jvh-f28x