pkg:npm/sanitize-html

共 10 筆 CVECRITICAL1HIGH1MEDIUM7

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.3CVE-2026-44990Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
    >= 2.17.3, < 2.17.4
  • HIGH7.5CVE-2022-25887Sanitize-html Vulnerable To REDoS Attacks
    from 0, < 2.7.1
  • MEDIUM6.1CVE-2026-40186sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements
    >= 2.17.2, < 2.17.3
  • MEDIUM6.1CVE-2019-25225sanitize-html is vulnerable to XSS through incomprehensive sanitization
    from 0, < 2.0.0-beta
  • MEDIUM6.1CVE-2016-1000237Cross-Site Scripting in sanitize-html
    from 0, < 1.4.3
  • MEDIUM6.1CVE-2017-16017Cross-Site Scripting in sanitize-html
    from 0, < 1.2.3
  • MEDIUM5.3CVE-2024-21501sanitize-html Information Exposure vulnerability
    from 0, < 2.12.1
  • MEDIUM5.3CVE-2021-26540Improper Input Validation in sanitize-html
    from 0, < 2.3.2
  • MEDIUM5.3CVE-2021-26539Improper Input Validation in sanitize-html
    from 0, < 2.3.1
  • CVE-2017-16016Cross-Site Scripting in sanitize-html
    from 0, < 1.11.4
npm/sanitize-html — 10 CVEs · VulnScope