QID 980750
QID 980750: Nodejs (npm) Security Update for sails-hook-sockets (GHSA-f7f4-hqp2-7prc)
Sails.js before v1.0.0-46 allows attackers to cause a denial of service with a single request because there is no error handler in sails-hook-sockets to handle an empty pathname in a WebSocket request.
Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
Solution
Customers are advised to refer to GHSA-f7f4-hqp2-7prc for updates pertaining to this vulnerability.
Vendor References
- GHSA-f7f4-hqp2-7prc -
github.com/advisories/GHSA-f7f4-hqp2-7prc
CVEs related to QID 980750
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-f7f4-hqp2-7prc | sails-hook-sockets |
|