Lucene search

K

GoogleOSV:CVE-2021-44908

HistoryMar 17, 2022 - 12:15 p.m.

CVE-2021-44908

2022-03-1712:15:07

Google

osv.dev

4

sails.js

version 1.4.0

prototype pollution

AI Score

6.8

Confidence

High

EPSS

0.003

Percentile

69.0%

SailsJS Sails.js <=1.4.0 is vulnerable to Prototype Pollution via controller/load-action-modules.js, function loadActionModules().

References

github.com/balderdashy/sails/blob/master/lib/app/private/controller/load-action-modules.js#L32

github.com/balderdashy/sails/issues/7209

github.com/Marynk/JavaScript-vulnerability-detection/blob/main/sailsJS%20PoC.zip

AI Score

6.8

Confidence

High

EPSS

0.003

Percentile

69.0%

Related for OSV:CVE-2021-44908

osv1 veracode1 prion1 nvd1 cvelist1 github1 cve1