pkg:npm/xml-crypto

3 total CVEsCRITICAL1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2024-32962xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofing
    >= 4.0.0, < 6.0.0
  • CVE-2025-29775xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment
    >= 4.0.0, < 6.0.1
  • CVE-2025-29774xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References
    >= 4.0.0, < 6.0.1