Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Karma Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23495 1 Karma Project 1 Karma 2022-03-08 5.8 MEDIUM 6.1 MEDIUM
The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.
CVE-2022-0437 1 Karma Project 1 Karma 2022-02-10 4.3 MEDIUM 6.1 MEDIUM
Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.