Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/10/21 8:8 p.m.6 views

CVE-2025-62595

A flaw was found in Koa. A bypass of CVE-2025-8129 was discovered in the Koa.js framework affecting its back redirect functionality. In certain circumstances, an attacker can manipulate the Referer header to force a user’s browser to navigate to an external, potentially malicious website. This...

6.1CVSS6.4AI score0.00276EPSS
Exploits2References5
vulnersOsv
vulnersOsv
added 2025/10/21 3:9 p.m.13 views

@certd/commercial-core (>=1.25.9 <=1.41.2), @certd/lib-server (>=1.36.25 <=1.41.2) +32 more potentially affected by CVE-2025-62595 +1 more via koa (=2.16.2)

koa NPM version =2.16.2 is affected by a known vulnerability. The following packages have a transitive dependency on koa and may be impacted: - @certd/commercial-core =1.25.9, =1.36.25, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.19.3, =3.20.11,...

6.1CVSS5.7AI score0.00276EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2025/10/21 3:9 p.m.10 views

@certd/commercial-core (>=1.25.9 <=1.41.2), @certd/lib-server (>=1.36.25 <=1.41.2) +32 more potentially affected by CVE-2025-62595 via koa (=2.16.2)

koa NPM version =2.16.2 is affected by a known vulnerability. The following packages have a transitive dependency on koa and may be impacted: - @certd/commercial-core =1.25.9, =1.36.25, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.19.3, =3.20.11,...

6.1CVSS5.7AI score0.00276EPSS
Exploits1
Circl
Circl
added 2025/10/21 6:58 a.m.10 views

CVE-2025-62595

creationtimestamp| type| source ---|---|--- 2025-10-21 06:58:44+00:00| published-proof-of-concept| https://github.com/koajs/koa/security/advisories/GHSA-g8mr-fgfg-5qpc...

6.1CVSS5.8AI score0.00276EPSS
Exploits1References1
Rows per page
Query Builder