fast-xml-parser <=4.2.3
Severity: high
fast-xml-parser vulnerable to Regex Injection via Doctype Entities - https://github.com/advisories/GHSA-6w63-h3fj-q4vw
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name - https://github.com/advisories/GHSA-x3cc-x39p-42qx
No fix available
node_modules/fast-xml-parser
boardgamegeekclient *
Depends on vulnerable versions of fast-xml-parser
node_modules/boardgamegeekclient
2 high severity vulnerabilities
Maybe not as important for most usecases, just thought you should know and I think they fixed the issue with a newer release so changing the version should fix the warning.
Output npm audit:
npm audit report
fast-xml-parser <=4.2.3 Severity: high fast-xml-parser vulnerable to Regex Injection via Doctype Entities - https://github.com/advisories/GHSA-6w63-h3fj-q4vw fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name - https://github.com/advisories/GHSA-x3cc-x39p-42qx No fix available node_modules/fast-xml-parser boardgamegeekclient * Depends on vulnerable versions of fast-xml-parser node_modules/boardgamegeekclient
2 high severity vulnerabilities
Maybe not as important for most usecases, just thought you should know and I think they fixed the issue with a newer release so changing the version should fix the warning.