Vulnerabilities > Xmldom Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-02 | CVE-2022-39353 | xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. | 9.8 |
2022-10-11 | CVE-2022-37616 | A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. | 9.8 |
2021-07-27 | CVE-2021-32796 | XML Injection (aka Blind XPath Injection) vulnerability in Xmldom Project Xmldom xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. | 5.3 |
2021-03-12 | CVE-2021-21366 | xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. | 4.3 |