Lumakernel

**Name of the Vulnerable Software and Affected Versions** Frourio versions prior to v0.26.0 **Description** Frourio is a full stack framework for TypeScript. Users who use Frourio version prior to v0.26.0 and integrate with class-validator through the `validators/` folder are subject to an input validation issue. Validators do not work properly for request bodies and queries in specific situations, and some input is not validated at all. **Recommendations** Update Frourio to v0.26.0 or later and install `class-transformer` and `reflect-metadata`. As a temporary workaround, consider validating objects from requests with `class-transformer` in controllers manually, or prevent using validators.

**Name of the Vulnerable Software and Affected Versions** Frourio-express versions prior to v0.26.0 **Description** Frourio-express is a minimal full stack framework for TypeScript. Users who use Frourio-express version prior to v0.26.0 and integrate with class-validator through the `validators/` folder are subject to an input validation issue. Validators do not work properly for request bodies and queries in specific situations, and some input is not validated at all. **Recommendations** Update Frourio-express to v0.26.0 or later. Install `class-transformer` and `reflect-metadata` to your project. As a temporary workaround, consider validating objects from requests with `class-transformer` in controllers by yourself, or prevent using validators.