Security issue: Misinterpretation of malicious XML input

Question

mzabuawala opened this issue 3 years ago · 3 comments

`

Answer 1 · 2021-08-10T09:16:25.000Z

This seems to be an issue of @vusion/webfonts-generator, which depends on svg2ttf@5 and had to update to svg2ttf@6

Answer 2 · 2021-08-10T09:38:21.000Z

Even svg2ttf@6 does use xmldom ~0.6.0. So they have to update to xmldom >= 0.7.0 too.

Answer 3 · 2021-10-10T02:11:28.000Z

Stale issue message