Package impact
npm / koa
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-8129 | medium | 6.1 | 6.1 | 11mo ago | Koa Open Redirect via Referrer Header (User-Controlled) | |||
| CVE-2026-27959 | unknown | — | — | 3mo ago | Koa has Host Header Injection via ctx.hostname | |||
| CVE-2025-62595 | unknown | — | — | 8mo ago | Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic | |||
| CVE-2025-32379 | unknown | — | — | 1y ago | Koajs vulnerable to Cross-Site Scripting (XSS) at ctx.redirect() function | |||
| CVE-2025-25200 | unknown | — | — | 1y ago | Inefficient Regular Expression Complexity in koa |