Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:8 a.m.9 views

CVE-2023-38504

Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the sails.io.js client...

7.5CVSS6.7AI score0.0076EPSS
Exploits0
Cvelist
Cvelist
added 2023/07/27 6:12 p.m.54 views

CVE-2023-38504 Sails DoS vulnerability for apps with sockets enabled

Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the sails.io.js client...

7.5CVSS7.7AI score0.0076EPSS
Exploits0References4
CVE
CVE
added 2023/07/27 6:12 p.m.68 views

CVE-2023-38504

Sails (Node.js) CVE-2023-38504 affects apps before v1.5.7. An attacker could send a virtual request that crashes the node process, enabling a Denial of Service. The issue is fixed in v1.5.7. As a workaround, disable the sockets hook and remove the sails.io.js client.

7.5CVSS7.4AI score0.0076EPSS
Exploits0References4Affected Software1
vulnersOsv
vulnersOsv
added 2023/07/27 5:13 p.m.6 views

@0x0bit/sails-hook-redis (>=0.1.1 <=0.1.2), @driscode/cs2-lib (>=5.8.1-driscode-5 <=5.9.0-driscode-52) +136 more potentially affected by CVE-2023-38504 via sails (>=0.10.5 <=1.5.18)

sails NPM version =0.10.5, =0.1.1, =5.8.1-driscode-5, =3.0.0, =1.0.0, =0.0.1-prerelease, =1.1.8, =0.0.0, =0.0.0, =1.0.0, =1.3.2 - barmecide =0.0.5 - cacrypt =0.0.1 and more Source cves: CVE-2023-38504 Source advisory: OSV:GHSA-GPW9-FWM8-7RX7...

7.5CVSS7AI score0.0076EPSS
Exploits0
Rows per page
Query Builder