OsVault/npm/@perfood/couch-auth
npm1 critical

@perfood/couch-auth

5 known vulnerabilities · 1 critical · 0 high

CVE-2023-39655CRITICAL

CouchAuth host header injection vulnerability leaks the password reset token

Published Jan 3, 2024
CVE-2025-70948

@perfood/couch-auth has a host header injection vulnerability

Published Mar 5, 2026
CVE-2025-60794

@perfood/couch-auth may expose session tokens, passwords

Published Nov 20, 2025
CVE-2025-70949

@perfood/couch-auth has an Observable Timing Discrepancy

Published Mar 5, 2026
CVE-2024-57177

CouchAuth has a Server-Side Template Injection vulnerability in its email functionality

Published Feb 10, 2025
Check your entire dependency tree at onceRun dependency scan →