CVE-2021-44908

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-44908

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44908.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-44908

Aliases

GHSA-8v3j-jfg3-v3fv

Published

2022-03-17T12:15:07.800Z

Modified

2026-04-10T04:36:20.183578Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

SailsJS Sails.js <=1.4.0 is vulnerable to Prototype Pollution via controller/load-action-modules.js, function loadActionModules().

References

Affected packages

Git / github.com/balderdashy/sails

Affected ranges

Type

GIT

Repo

https://github.com/balderdashy/sails

Events

Introduced

Last affected

88554dfb84b2867dabe4599261f72f267efae19c

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.4.0"
        }
    ]
}

Affected versions

0.*

0.11.0-rc10

0.11.0-rc6

0.11.0-rc7

0.11.0-rc8

0.11.0-rc9

0.9preview

12.*

12.11.07.24

12.11.0721

12.11.0722

12.11.0723

12.11.0724

12.11.08

12.11.0812

12.11.0813

12.11.0818

12.11.0819

12.11.1400

12.11.1411

12.11.1413

12.11.1414

12.11.1600

12.11.1700

12.11.1716

12.11.1799

12.11.1799gls

12.11.1800

12.11.1900

12.11.1901

12.11.2000

12.11.2001

12.11.2400

12.11.2418

12.11.2419

12.11.2423

12.11.2424

12.11.2600

12.11.2601

12.11.2604

12.11.2605

12.11.2606

12.11.26120

12.11.2618

12.11.2619

12.11.2620

12.11.2900

12.12.0300

12.7.26

Other

enlyton-release

wl-rc13

v0.*

v0.10.0-rc1

v0.10.0-rc10

v0.10.0-rc11

v0.10.0-rc2

v0.10.0-rc3

v0.10.0-rc4

v0.10.0-rc5

v0.10.0-rc6

v0.10.0-rc8

v0.10.1

v0.10.2

v0.10.4

v0.10.5

v0.11.0

v0.11.0-rc5

v0.12.0-rc1

v0.12.0-rc2

v0.12.0-rc3

v0.12.0-rc5

v0.12.0-rc6

v0.12.0-rc7

v0.12.07-rc7

v0.12.2

v0.12.2-0

v0.12.3

v0.12.4

v0.12.4-rc1

v0.12.4-rc2

v0.12.4-rc3

v0.2.1

v0.3.0

v0.7.0-1

v0.7.0-2

v0.7.0-3

v0.7.0-4

v0.7.0-5

v0.7.0-6

v0.7.0-8

v0.7.1-0

v0.7.2

v0.7.4-1

v0.7.5-0

v0.7.6-0

v0.7.7-0

v0.7.8

v0.7.9

v0.8.0

v0.8.1

v0.8.3

v0.8.4

v0.8.5

v0.8.6

v0.8.7

v0.8.73

v0.8.74

v0.8.75

v0.8.76

v0.8.77

v0.8.78

v0.8.79

v0.8.80

v0.8.81

v0.8.82

v0.8.83

v0.8.84

v0.8.85

v0.8.86

v0.8.87

v0.8.88

v0.8.89

v0.8.89-1

v0.8.892

v0.8.894

v0.8.895

v0.8.93

v0.9.0

v0.9.1

v0.9.2

v0.9.3

v1.*

v1.0.0

v1.0.0-10

v1.0.0-11

v1.0.0-12

v1.0.0-13

v1.0.0-14

v1.0.0-15

v1.0.0-16

v1.0.0-17

v1.0.0-18

v1.0.0-19

v1.0.0-20

v1.0.0-21

v1.0.0-22

v1.0.0-23

v1.0.0-26

v1.0.0-29

v1.0.0-30

v1.0.0-31

v1.0.0-32

v1.0.0-33

v1.0.0-34

v1.0.0-35

v1.0.0-36

v1.0.0-38

v1.0.0-39

v1.0.0-40

v1.0.0-41

v1.0.0-42

v1.0.0-43

v1.0.0-44

v1.0.0-45

v1.0.0-46

v1.0.0-47

v1.0.0-48

v1.0.0-49

v1.0.0-5

v1.0.0-6

v1.0.0-7

v1.0.0-8

v1.0.0-9

v1.0.1

v1.0.2

v1.0.2-0

v1.0.3-0

v1.0.3-1

v1.0.3-2

v1.0.3-3

v1.0.3-4

v1.1.0

v1.1.0-0

v1.1.0-1

v1.1.0-2

v1.1.0-3

v1.2.0

v1.2.0-0

v1.2.0-1

v1.2.0-2

v1.2.0-3

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.2.5

v1.3.0

v1.3.1

v1.4.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44908.json"