Releases248
Frequency2 weeks 4 days
Last Release
Stars12K
Spectacular Test Runner for JavaScript

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 6.3.165.4 MEDIUM5.8 MEDIUM

The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.

< 6.3.146.1 MEDIUM4.3 MEDIUM

Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.