Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
C Malicious Package	@0xengine/xmlrpc*	npm	28 Nov 2024
H Prototype Pollution	body-parser-xml<2.0.3	npm	12 Sept 2021
C Malicious Package	body-parse-xml*	npm	1 Sept 2019
C Malicious Package	core-xml*	npm	29 Jun 2023
C Malicious Package	ext-simplexml*	npm	28 Mar 2022
M Regular Expression Denial of Service (ReDoS)	fast-xml-parser<4.4.1	npm	30 Jul 2024
L Regular Expression Denial of Service (ReDoS)	fast-xml-parser>=4.2.4 <4.2.5	npm	17 Jul 2023
H Regular Expression Denial of Service (ReDoS)	fast-xml-parser<4.2.4	npm	7 Jun 2023
M Prototype Pollution	fast-xml-parser<4.1.2	npm	19 Feb 2023
H XML External Entity (XXE) Injection	jstoxml<2.0.0	npm	26 Oct 2020
H Type Confusion	libxmljs*	npm	3 May 2024
H Remote Code Execution (RCE)	libxmljs*	npm	3 May 2024
H Denial of Service (DoS)	libxmljs<0.19.8	npm	6 Apr 2022
M Sensitive Information Exposure	libxmljs<0.17.0	npm	18 Jan 2016
H Type Confusion	libxmljs2*	npm	5 May 2024
H Type Confusion	libxmljs2*	npm	5 May 2024
C Malicious Package	mfp-config-xml*	npm	19 Sept 2024
L Regular Expression Denial of Service (ReDoS)	moddle-xml<4.1.3	npm	22 Feb 2018
C Malicious Package	uwjoekgxmlhrzsaq*	npm	30 Aug 2023
H Malicious Package	xml2binary*	npm	4 Aug 2023
M Prototype Pollution	xml2js<0.5.0	npm	6 Apr 2023
C Malicious Package	xml2jsno*	npm	25 Aug 2022
H Malicious Package	xml2stream*	npm	4 Aug 2023
H Malicious Package	xml2yaml*	npm	4 Aug 2023
C Improper Verification of Cryptographic Signature	xml-crypto<2.1.6>=3.0.0 <3.2.1>=4.0.0 <6.0.1	npm	16 Mar 2025
C Improper Verification of Cryptographic Signature	xml-crypto<2.1.6>=3.0.0 <3.2.1>=4.0.0 <6.0.1	npm	16 Mar 2025
C Improper Verification of Cryptographic Signature	xml-crypto>=4.0.0 <6.0.0	npm	2 May 2024
H Signature Validation Bypass	xml-crypto<2.0.0	npm	28 Oct 2020
C Improper Input Validation	xmldom*	npm	2 Nov 2022
H Prototype Pollution	xmldom>=0.0.0	npm	11 Oct 2022

APPLICATION

OPERATING SYSTEM