Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2026/03/17 4:17 p.m.12 views

@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +66 more potentially affected by CVE-2026-31865 via elysia (>=1.0.13 <=1.4.26)

elysia NPM version =1.0.13, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =1.0.0-next.4, =1.0.0, =0.0.1, =1.0.3, =1.0.8 and more Source cves: CVE-2026-31865 Source advisory: SNYK:JS-ELYSIA-15680180...

6.5CVSS5.8AI score0.00232EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/17 4:17 p.m.7 views

@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +124 more potentially affected by CVE-2026-31865 via elysia (>=0.1.2 <=1.4.26)

elysia NPM version =0.1.2, =0.0.1, =0.0.1, =0.0.7, =0.0.1-0, =0.0.1, =0.0.3, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =1.6.1-canary.0 and more Source cves: CVE-2026-31865 Source advisory: OSV:GHSA-8HQ9-PHH3-P2WP...

6.5CVSS5.8AI score0.00232EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/10 9:4 p.m.6 views

@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +64 more potentially affected by CVE-2026-30837 via elysia (>=1.0.13 <=1.4.22)

elysia NPM version =1.0.13, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =1.0.0-next.4, =1.0.0, =0.0.1, =1.0.3, =1.0.8 and more Source cves: CVE-2026-30837 Source advisory: SNYK:JS-ELYSIA-15469934...

7.5CVSS5.8AI score0.00494EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/10 9:4 p.m.9 views

@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +122 more potentially affected by CVE-2026-30837 via elysia (>=0.1.2 <=1.4.22)

elysia NPM version =0.1.2, =0.0.1, =0.0.1, =0.0.7, =0.0.1-0, =0.0.1, =0.0.3, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =1.6.1-canary.0 and more Source cves: CVE-2026-30837 Source advisory: OSV:GHSA-F45G-68Q3-5W8X...

7.5CVSS5.8AI score0.00494EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/12/09 8:43 p.m.6 views

@dockstat/plugin-builder (>=1.0.3 <=1.0.8), @dockstat/typings (>=1.1.0 <=1.1.2) +8 more potentially affected by CVE-2025-66456 via elysia (>=1.4.11 <=1.4.16)

elysia NPM version =1.4.11, =1.0.3, =1.1.0, =0.1.29, =0.0.21-alpha.3, =2.0.0, =1.2.11, =0.0.1, =0.1.0, =0.6.0 - nautika-types =1.6.0 Source cves: CVE-2025-66456 Source advisory: SNYK:JS-ELYSIA-14287465...

9.8CVSS5.8AI score0.00473EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/12/09 5:12 p.m.7 views

@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +117 more potentially affected by CVE-2025-66456 +1 more via elysia (>=0.1.2 <=1.4.17)

elysia NPM version =0.1.2, =0.0.1, =0.0.1, =0.0.7, =0.0.1-0, =0.0.1, =0.0.3, =0.0.1, =0.1.0, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =1.0.0-next.4, =1.0.0-next.6 and more Source cves: CVE-2025-66456, CVE-2025-66457 Source advisory: OSV:GHSA-8VCH-M3F4-Q8JF...

9.8CVSS5.8AI score0.00679EPSS
Exploits2
Github Security Blog
Github Security Blog
added 2025/12/09 5:11 p.m.11 views

Elysia vulnerable to prototype pollution with multiple standalone schema validation

Prototype pollution vulnerability in mergeDeep after merging results of two standard schema validations with the same key. Due to the ordering of merging, there must be an any type that is set as a standalone guard, to allow for the proto prop to be merged. When combined with GHSA-8vch-m3f4-q8jf...

9.8CVSS6.7AI score0.00473EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2025/08/20 3:31 p.m.11 views

elysia-cors Origin Validation Error

An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...

6.5CVSS7.1AI score0.00442EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder