Cross-origin Resource Sharing For Koa@* Security Vulnerabilities and Issues — Cross-origin Resource Sharing For Koa@* CVE List

Lucene search

KoajsCross-origin Resource Sharing For Koa*

3 matches found

CVE•added 2025/02/12 6:15 p.m.•57 views

CVE-2025-25200

Koa is expressive middleware for Node.js using ES2017 async functions. Prior to versions 0.21.2, 1.7.1, 2.15.4, and 3.0.0-alpha.3, Koa uses an evil regex to parse the X-Forwarded-Proto and X-Forwarded-Host HTTP headers. This can be exploited to carry out a Denial-of-Service attack. Versions 0.21.2,...

9.2CVSS6.5AI score0.00184EPSS

CVE•added 2025/04/09 4:15 p.m.•54 views

CVE-2025-32379

Koa is expressive middleware for Node.js using ES2017 async functions. In koa < 2.16.1 and

5CVSS5.2AI score0.00045EPSS

CVE•added 2023/12/11 11:15 p.m.•33 views

CVE-2023-49803

@koa/cors npm provides Cross-Origin Resource Sharing (CORS) for koa, a web framework for Node.js. Prior to version 5.0.0, the middleware operates in a way that if an allowed origin is not provided, it will return an Access-Control-Allow-Origin header with the value of the origin from the request. T...

8.6CVSS7.9AI score0.00131EPSS