Releases97
Frequency1 week 1 day
Last Release
Karma rules for Bazel

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 6.3.165.4 MEDIUM5.8 MEDIUM

The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.

< 6.3.146.1 MEDIUM4.3 MEDIUM

Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.