Bug: xmldom Security risk, depreciated,
Closed this issue · 2 comments
dBitech commented
# npm audit report
xmldom *
Severity: critical
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q
xmldom allows multiple root nodes in a DOM - https://github.com/advisories/GHSA-crh6-fp67-6883
No fix available
node_modules/xmldom
@mapcomponents/react-maplibre *
Depends on vulnerable versions of xmldom
node_modules/@mapcomponents/react-maplibre
2 vulnerabilities (1 moderate, 1 critical)
xmldom is a deprecated, having been repalced by @xmldom/xmldom
cioddi commented
Thanks, we will look into this.