Skip to content

xmldom dependency has a security issue #111

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
karfau opened this issue Feb 15, 2022 · 2 comments
Closed

xmldom dependency has a security issue #111

karfau opened this issue Feb 15, 2022 · 2 comments

Comments

@karfau
Copy link

karfau commented Feb 15, 2022
edited
Loading

Latest versions of the xmldom lib are now only published as @xmldom/xmldom, so to update from version 0.6.0 which is known to be vulnerable, it's required to switch to the scoped package. For more details see xmldom/xmldom#271

I'm one of the maintainers (of the xmldom package) and I can support any update issues if you want.

It would be good to also update the example code in the readme.
@JLRishe
Copy link
Collaborator

JLRishe commented Feb 15, 2022

@karfau Thank you for the details. I'll try to get this taken care of soon.

@karfau karfau mentioned this issue Feb 15, 2022
Closed
@karfau karfau mentioned this issue May 15, 2022
Merged
@cjbarth cjbarth mentioned this issue Jun 28, 2023
Closed
@JLRishe
Copy link
Collaborator

JLRishe commented Jul 6, 2023

This should be taken care of now.

@JLRishe JLRishe closed this as completed Jul 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@karfau @JLRishe