xmldom Improper Input Validation
skt1598 opened this issue · 0 comments
skt1598 commented
Describe the bug
Introduced through: vue-html2pdf@1.8.0 › html2pdf.js@0.9.3 › jspdf@1.4.1 › canvg@1.5.3 › xmldom@0.1.31
Affected versions of this package are vulnerable to Improper Input Validation due to parsing XML that is not well-formed, and contains multiple top-level elements. All the root nodes are being added to the childNodes collection of the Document, without reporting or throwing any error.
Package Version
1.8.0
Additional context
Ref: https://security.snyk.io/vuln/SNYK-JS-XMLDOM-3092935