GMS-2019-53: Undefined Behavior in sailsjs-cacheman

September 11, 2019 (updated September 21, 2021)

All versions of sailsjs-cacheman have a vulnerability that may lead to Undefined Behavior. The config variable is exposing to the global scope which may overwrite other variables and cause the application to misbehave. No fix is currently available. Consider using an alternative module until a fix is made available.

References

github.com/advisories/GHSA-5w65-6875-rhq8
github.com/gayanhewa/sailsjs-cacheman/commit/4a456f44141ae2d5aed8cb32a82063356dcc318f
github.com/gayanhewa/sailsjs-cacheman/pull/10
www.npmjs.com/advisories/752

Detect and mitigate GMS-2019-53 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →