#adonisjs

Node JS
from InfoQ
1 day ago

AdonisJS v7 Ships End-to-End Type Safety, Reworked Starter Kits and Zero-Config OpenTelemetry

AdonisJS v7 adds end-to-end type safety via codegen, typed routing, serialization, and type-safe API clients, alongside new starter kits and improved observability and docs.
from The Hacker News
4 months ago

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

"If a developer uses MultipartFile.move() without the second options argument or without explicitly sanitizing the filename, an attacker can supply a crafted filename value containing traversal sequences, writing to a destination path outside the intended upload directory," the project maintainers said in an advisory released last week. "This can lead to arbitrary file write on the server." However, successful exploitation hinges on a reachable upload endpoint.
Information security