Unknown · Io.Socket:Socket.Io-Client · CVE-2022-25867
**Name of the Vulnerable Software and Affected Versions**
io.socket:socket.io-client versions prior to 2.0.1
**Description**
The issue is related to a NULL Pointer Dereference that occurs when parsing a packet with an invalid payload format. This can happen in the io.socket:socket.io-client package.
**Recommendations**
For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue. As a temporary workaround, consider implementing input validation to ensure that only packets with valid payload formats are processed. Restrict access to the packet parsing functionality to minimize the risk of exploitation.