Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sails DoS vulnerability for apps with sockets enabled
Vulnerability Description
Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the `sails.io.js` client.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未捕获的异常
Vulnerability Title
Sails.js 安全漏洞
Vulnerability Description
Sails.js是美国Sails公司的一款基于Node.js的Web应用程序框架。 Sails.js 1.5.7 之前版本存在安全漏洞,该漏洞源于在Sails 应用程序中,攻击者可以发送虚拟请求,导致节点进程崩溃。
CVSS Information
N/A
Vulnerability Type
N/A