pkg:npm/@perfood/couch-auth

5 total CVEsCRITICAL1HIGH2MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.3CVE-2025-70948@perfood/couch-auth has a host header injection vulnerability
    from 0, <= 0.26.0
  • HIGH8.1CVE-2023-39655CouchAuth host header injection vulnerability leaks the password reset token
    from 0, <= 0.20.0
  • HIGH7.5CVE-2025-70949@perfood/couch-auth has an Observable Timing Discrepancy
    from 0, <= 0.26.0
  • MEDIUM4.3CVE-2024-57177CouchAuth has a Server-Side Template Injection vulnerability in its email functionality
    from 0, <= 0.21.2
  • CVE-2025-60794@perfood/couch-auth may expose session tokens, passwords
    from 0, <= 0.21.2
npm/@perfood/couch-auth — 5 CVEs · VulnScope