There is 1 open security issue in buster.
1 issue left for the package maintainer to handle:
- CVE-2020-36049:
(needs triaging)
socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.
You can find information about how to handle this issue in the security team's documentation.