sails@0.9.15 vulnerabilities
API-driven framework for building realtime apps, using MVC conventions (based on Express and Socket.io)
-
latest version
1.5.13
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
17 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the sails package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
sails is a framework for building realtime apps, using MVC conventions (based on Express and Socket.io). Affected versions of this package are vulnerable to Uncaught Exception. An attacker can send a virtual request that will cause the node process to crash. How to fix Uncaught Exception? Upgrade |
<1.5.7
|
sails is a framework for building realtime apps, using MVC conventions (based on Express and Socket.io). Affected versions of this package are vulnerable to Prototype Pollution via the function NOTE: The maintainers of this package recommend not allowing an application to replace its controller or action files at runtime, to avoid this vulnerability. How to fix Prototype Pollution? Upgrade |
<1.5.3
|
Sails version How to fix Broken CORS? Upgrade |
<0.12.7
|