2 matches found
Uncontrolled Recursion
Overview @stablelib/cbor is a CBOR encoder and decoder Affected versions of this package are vulnerable to Uncontrolled Recursion when decoding. An attacker can cause the application to crash or terminate unexpectedly by supplying a deeply nested, attacker-controlled CBOR payload that exhausts th...
Open Redirect
Overview koa is a Koa web app framework Affected versions of this package are vulnerable to Open Redirect via the "back redirect" functionality. An attacker can cause users to be redirected to an external, attacker-controlled domain by supplying a specially crafted Referer header containing a...