4 matches found
CVE-2023-38504
Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the sails.io.js client...
CVE-2023-38504 Sails DoS vulnerability for apps with sockets enabled
Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the sails.io.js client...
CVE-2023-38504
Sails (Node.js) CVE-2023-38504 affects apps before v1.5.7. An attacker could send a virtual request that crashes the node process, enabling a Denial of Service. The issue is fixed in v1.5.7. As a workaround, disable the sockets hook and remove the sails.io.js client.
@0x0bit/sails-hook-redis (>=0.1.1 <=0.1.2), @driscode/cs2-lib (>=5.8.1-driscode-5 <=5.9.0-driscode-52) +136 more potentially affected by CVE-2023-38504 via sails (>=0.10.5 <=1.5.18)
sails NPM version =0.10.5, =0.1.1, =5.8.1-driscode-5, =3.0.0, =1.0.0, =0.0.1-prerelease, =1.1.8, =0.0.0, =0.0.0, =1.0.0, =1.3.2 - barmecide =0.0.5 - cacrypt =0.0.1 and more Source cves: CVE-2023-38504 Source advisory: OSV:GHSA-GPW9-FWM8-7RX7...