Package impact
npm / koa
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-8129 | medium | 6.1 | 6.1 | 10mo ago | Koa Open Redirect via Referrer Header (User-Controlled) | |
| CVE-2026-27959 | unknown | — | — | 3mo ago | Koa has Host Header Injection via ctx.hostname | |
| CVE-2025-62595 | unknown | — | — | 7mo ago | Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic | |
| CVE-2025-32379 | unknown | — | — | 1y ago | Koajs vulnerable to Cross-Site Scripting (XSS) at ctx.redirect() function | |
| CVE-2025-25200 | unknown | — | — | 1y ago | Inefficient Regular Expression Complexity in koa |