Is @adonisjs/bodyparser safe to use?

@adonisjs/bodyparser has 3 known vulnerabilities on the latest version (11.0.1). DepScope rates its health at 49/100 (high risk).

What is the latest version of @adonisjs/bodyparser?

The latest version of @adonisjs/bodyparser is 11.0.1, released 2026-04-04.

Does @adonisjs/bodyparser have known vulnerabilities?

Yes. @adonisjs/bodyparser has 3 known vulnerabilities. See depscope.dev/pkg/npm/@adonisjs/bodyparser for details.

Is @adonisjs/bodyparser deprecated?

No, @adonisjs/bodyparser is actively maintained. Latest release: 11.0.1 (2026-04-04).

What are alternatives to @adonisjs/bodyparser?

Popular alternatives to @adonisjs/bodyparser in npm include: semver, ansi-styles, minimatch, debug, brace-expansion.

What license does @adonisjs/bodyparser use?

@adonisjs/bodyparser is licensed under MIT.

@adonisjs/bodyparser

npmv11.0.1

BodyParser middleware for AdonisJS http server to read and parse request body

License MITpermissive139 versions3 maintainers9 deps

adonisjs/bodyparser

/ 100

Health

do not use

@adonisjs/bodyparser has critical vulnerabilities — do not use

Update to >= 11.0.0-next.9 to fix known vulnerabilities

2 high severity vulnerabilities
1 critical vulnerabilities

Health breakdown0 – 100

25/25

maintenance

0/20

popularity

5/25

security

15/15

maturity

4/15

community

Vulnerabilities

1 critical2 high

Advisories (3)

Severity	ID	Summary	Fixed in
high	CVE-2026-25754	AdonisJS multipart body parsing has Prototype Pollution issue	11.0.0-next.9
critical	CVE-2026-21440	AdonisJS Path Traversal in Multipart File Handling	11.0.0-next.6
high	CVE-2026-25762	AdonisJS vulnerable to Denial of Service (DoS) via Unrestricted Memory Buffering in PartHandler during File Type Detection	11.0.0-next.9

Bundle & TypeScript

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (9)

@poppinss/macroable @poppinss/middleware @poppinss/multiparty @poppinss/qs @poppinss/utils file-type inflation media-typer raw-body

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@adonisjs/bodyparser