pkg:Debian/node-xmldom

11 total CVEsCRITICAL3HIGH1MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2022-39353xmldom allows multiple root nodes in a DOM
    from 0, < 0.5.0-1+deb11u2
  • CRITICAL9.8CVE-2022-37616Withdrawn: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom
    from 0, < 0.1.27+ds-1+deb10u1
  • CRITICAL9.8CVE-2022-37616Withdrawn: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom
    from 0, < 0.5.0-1+deb11u1
  • HIGH7.5CVE-2026-34601xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion
    from 0
  • MEDIUM6.5CVE-2021-32796Misinterpretation of malicious XML input
    from 0
  • MEDIUM4.3CVE-2021-21366Misinterpretation of malicious XML input
    from 0, < 0.5.0-1
  • MEDIUM4.3CVE-2021-21366Misinterpretation of malicious XML input
    from 0, < 0.1.27+ds-1+deb10u2
  • CVE-2026-41673xmldom: Uncontrolled recursion in XML serialization leads to DoS
    from 0
  • CVE-2026-41674xmldom has XML injection through unvalidated DocumentType serialization
    from 0
  • CVE-2026-41675xmldom has XML node injection through unvalidated processing instruction serialization
    from 0
  • CVE-2026-41672xmldom has XML node injection through unvalidated comment serialization
    from 0