CVE-2023-49803

@koa/cors npm provides Cross-Origin Resource Sharing CORS for koa, a web framework for Node.js. Prior to version 5.0.0, the middleware operates in a way that if an allowed origin is not provided, it will return an Access-Control-Allow-Origin header with the value of the origin from the request...

10.1zy (=1.0.0), 10.4ks (=1.0.0) +1664 more potentially affected by CVE-2023-49803 via @koa/cors (>=2.2.1 <=4.0.0)

@koa/cors NPM version =2.2.1, =0.1.2, =1.0.0, =0.1.28, =0.3.5, =1.1.11, =2.0.0, =3.0.0 and more Source cves: CVE-2023-49803 Source advisory: OSV:GHSA-QXRJ-HX23-XP82...

PT-2023-31361 · Npm · @Koa/Cors

Name of the Vulnerable Software and Affected Versions: @koa/cors versions prior to 5.0.0 Description: The @koa/cors middleware for the koa web framework in Node.js has a security issue where it returns an Access-Control-Allow-Origin header with the value of the origin from the request if an allow...