Vulnerabilities > Karma Project

DATE CVE VULNERABILITY TITLE RISK
2022-02-25 CVE-2021-23495 Open Redirect vulnerability in Karma Project Karma
The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.
network
low complexity
karma-project CWE-601
6.1
2022-02-05 CVE-2022-0437 Unspecified vulnerability in Karma Project Karma
Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.
network
low complexity
karma-project
6.1