Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Spectacular Test Runner for JavaScript.
Library home page: https://registry.npmjs.org/karma/-/karma-3.1.4.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/karma/package.json
Dependency Hierarchy:
Found in HEAD commit: 2895e8d79dd8b35533c48a02be2a14c46a8aff97
Found in base branch: main
Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.
Publish Date: 2022-02-05
URL: CVE-2022-0437
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-0437
Release Date: 2022-02-05
Fix Resolution: 6.3.14
The text was updated successfully, but these errors were encountered:
CVE-2022-0437 - Medium Severity Vulnerability
Vulnerable Library - karma-3.1.4.tgz
Spectacular Test Runner for JavaScript.
Library home page: https://registry.npmjs.org/karma/-/karma-3.1.4.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/karma/package.json
Dependency Hierarchy:
Found in HEAD commit: 2895e8d79dd8b35533c48a02be2a14c46a8aff97
Found in base branch: main
Vulnerability Details
Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.
Publish Date: 2022-02-05
URL: CVE-2022-0437
CVSS 3 Score Details (6.1)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-0437
Release Date: 2022-02-05
Fix Resolution: 6.3.14
The text was updated successfully, but these errors were encountered: