Could anyone please help to fix the critical security issues CVE-2022-37616 9.8 and CVE-2022-39353, which reported a prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable.
lesley-lee
commented
1 year ago
Could anyone please help to fix the critical security issues CVE-2022-37616 9.8 and CVE-2022-39353, which reported a prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable.