Skip to content
This repository was archived by the owner on Jun 26, 2025. It is now read-only.
This repository was archived by the owner on Jun 26, 2025. It is now read-only.

Update xmldom dependency #21

Closed
Closed
Update xmldom dependency#21
Assignees
davelandry
@jhmullen

Description

@jhmullen
jhmullen
opened on Jun 16, 2022

xmldom and canvg-browser currently have vulnerability warnings:

xmldom  *
Severity: moderate
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-h6q6-9hqw-rwfv
No fix available
node_modules/xmldom
  canvg-browser  *
  Depends on vulnerable versions of xmldom
  node_modules/canvg-browser
    d3plus-export  *
    Depends on vulnerable versions of canvg-browser
    node_modules/d3plus-export

3 vulnerabilities (2 low, 1 moderate)

Some issues need review, and may require choosing
a different dependency.

Can these dependencies be updated?

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions