Cross-origin Resource Sharing For Koa Security Vulnerabilities and Issues — Cross-origin Resource Sharing For Koa CVE List

Lucene search

KoajsCross-origin Resource Sharing For Koa

3 matches found

CVE•added 2025/02/12 6:15 p.m.•57 views

CVE-2025-25200

Koa is expressive middleware for Node.js using ES2017 async functions. Prior to versions 0.21.2, 1.7.1, 2.15.4, and 3.0.0-alpha.3, Koa uses an evil regex to parse the X-Forwarded-Proto and X-Forwarded-Host HTTP headers. This can be exploited to carry out a Denial-of-Service attack. Versions 0.21.2,...

9.2CVSS6.5AI score0.00184EPSS

CVE•added 2025/04/09 4:15 p.m.•54 views

CVE-2025-32379

Koa is expressive middleware for Node.js using ES2017 async functions. In koa < 2.16.1 and

5CVSS5.2AI score0.00045EPSS

CVE•added 2 days ago•4 views

CVE-2025-8129 KoaJS Koa HTTP Header response.js back redirect

A vulnerability, which was classified as problematic, was found in KoaJS Koa up to 3.0.0. Affected is the function back in the library lib/response.js of the component HTTP Header Handler. The manipulation of the argument Referrer leads to open redirect. It is possible to launch the attack remotely...

5.1CVSS7.1AI score0.00027EPSS