Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/17 10:20 a.m.11 views

Malicious code in koa-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5868e3008cddae6f0d4f1594e5f22c25d905ca6e32b915c4b527ad2ed77cce7f The package koa-v3 was found to contain malicious code. Source: ghsa-malware 16ed2d5a3189595a73eb117e70d2a31ba6ed920704a2917c7f83aacb8b5f42d1 Any...

5.8AI score
Exploits0References1
OSV
OSV
added 2025/11/13 3:23 a.m.6 views

MAL-2025-187703 Malicious code in koa-version-scorpius-ceres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75dacef98ce0fa1a5b9c797aef9cabfffb1071bd052305809bade9065f2f7e2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178179

Malicious code in koa-version-scorpius-ceres npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:29 a.m.4 views

Malicious code in flare-koa-version-aether (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 743fef05b826eca569bd55c8b8e63b265ee14b3619c017ffaf94b5c85fd9cbc0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:29 a.m.3 views

EUVD-2025-113581

Malicious code in flare-koa-version-aether npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/12 4:29 a.m.2 views

MAL-2025-142530 Malicious code in flare-koa-version-aether (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 743fef05b826eca569bd55c8b8e63b265ee14b3619c017ffaf94b5c85fd9cbc0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
CVE
CVE
added 2025/10/21 4:20 p.m.20 views

CVE-2025-62595

KoaJS CVE-2025-62595 affects Koa until patched: versions 2.16.2–2.16.2.x before 2.16.3 and 3.0.1–3.0.2.x before 3.0.3 are vulnerable to a Referer header bypass that can force user redirects to external sites via back redirect in the HTTP header handling. Root cause: some crafted URLs are treated ...

6.1CVSS6.4AI score0.00277EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder