Homepage

@xmldom/xmldom

A pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.
Licenses: MIT
Published: 4 years ago Last updated: 19 days ago Latest version: 0.9.9 Latest non-vulnerable version: 0.9.9

License

MIT>=0;
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @xmldom/xmldom package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
XML Injection

<0.8.12>=0.9.0 <0.9.9
  • C
Improper Input Validation

<0.7.7>=0.8.0 <0.8.4>=0.9.0-beta.1 <0.9.0-beta.4
  • H
Prototype Pollution

<0.7.6>=0.8.0 <0.8.3>=0.9.0-beta.1 <0.9.0-beta.2
  • M
Improper Input Validation

<0.7.0

Package versions

48 VERSIONS IN TOTAL See all versions
versionpublisheddirect vulnerabilities
0.9.929 Mar, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
0.9.828 Feb, 2025
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.719 Jan, 2025
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.65 Dec, 2024
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.526 Oct, 2024
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.413 Oct, 2024
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.321 Sep, 2024
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.25 Sep, 2024
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.15 Sep, 2024
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L
0.9.029 Aug, 2024
  • 0
    C
  • 1
    H
  • 0
    M
  • 0
    L