npm/express — 6 CVEs

MEDIUM6.1CVE-2024-29041Express.js Open Redirect in malformed URLs

from 0, < 4.19.2

MEDIUM6.1CVE-2014-6393No Charset in Content-Type Header in express

from 0, < 3.11.0

MEDIUM5.0CVE-2024-43796express vulnerable to XSS via response.redirect()

from 0, < 4.20.0

MEDIUM4.7CVE-2024-9266Express Open Redirect vulnerability

>= 3.4.5, < 4.0.0-rc1

MEDIUM4.0Express ressource injection

from 0, < 4.0.0-rc1

—Withdrawn Advisory: express improperly controls modification of query properties

from 0, < 4.22.0

pkg:npm/express