Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
elysia 0.2.1 | Vulnerabilities | Sonatype Guide
npm
elysia
0.2.1
elysia 0.2.1
Published
Jan 30, 2023
•
Policy
compliance
npm Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
677
Versions
677
Vulnerabilities
3
Vulnerabilities
3
Dependencies
2
Dependencies
2
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(1)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
5.3
CVE-2026-31865
Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation, and client-server communication. Prior to version 1.4.27, an Elysia cookie can be overridden by prototype pollution , eg. `__proto__`. This issue is patched in 1.4.27. As a workaround, use t.Cookie validation to enforce validation value and/or prevent iterable over cookie if possible.
affected
Severity
Medium
Published
Mar 18, 2026
