CNNVD-202602-912 Information
CNNVD ID
CNNVD-202602-912
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
@adonisjs/lucid是AdonisJS Framework开源的一个数据库对象关系映射库。 @adonisjs/lucid 10.1.3之前版本和11.0.0-next.9之前版本存在安全漏洞,该漏洞源于多部分文件处理逻辑存在拒绝服务漏洞,可能导致内存消耗过多和进程终止。
Description (English)
@adonisjs/lucid is an open-source database of AdonisJS Framework. @adonisjs/lucid 10.1.3 and 11.0.0-next.9 have security loopholes, which stem from denial service gaps in the logic of multiple document processing, which may lead to over-consumption of memory and process termination.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
AdonisJS Framework
Published
2026-02-06
Last Modified
2026-02-24
References
https://github.com/adonisjs/bodyparser/releases/tag/v10.1.3 https://github.com/adonisjs/bodyparser/releases/tag/v11.0.0-next.9 https://github.com/adonisjs/core/security/advisories/GHSA-xx9g-fh25-4q64 https://access.redhat.com/security/cve/cve-2026-25762
Patch
https://github.com/adonisjs/bodyparser/releases
Share on: