Vulnerabilities > Xmldom Project

DATE CVE VULNERABILITY TITLE RISK
2022-11-02 CVE-2022-39353 Improper Validation of Consistency within Input vulnerability in multiple products
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module.
network
low complexity
xmldom-project debian CWE-1288
critical
9.8
2022-10-11 CVE-2022-37616 A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable.
network
low complexity
xmldom-project debian
critical
9.8
2021-07-27 CVE-2021-32796 XML Injection (aka Blind XPath Injection) vulnerability in Xmldom Project Xmldom
xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.
network
low complexity
xmldom-project CWE-91
5.0
2021-03-12 CVE-2021-21366 Misinterpretation of Input vulnerability in multiple products
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.
network
low complexity
xmldom-project debian CWE-115
4.3