Vulnerabilities

1 via 1 paths

Dependencies

173

Source

GitHub

Commit

dd50c3aa

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity
new

Open Redirect

  • Vulnerable module: koa
  • Introduced through: koa@3.0.1

Detailed paths

  • Introduced through: swagger2-koa@carlansley/swagger2-koa#dd50c3aacd8cbd8da56bc1f7891ae9edcd488c20 koa@3.0.1

Overview

koa is a Koa web app framework

Affected versions of this package are vulnerable to Open Redirect via the redirect function in lib/response.js due to improper input sanitization. An attacker can redirect users to arbitrary external sites by exploiting this vulnerability.

Remediation

A fix was pushed into the master branch but not yet published.

References