# npm audit report
xmldom *
Severity: critical
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-h6q6-9hqw-rwfv
xmldom allows multiple root nodes in a DOM - https://github.com/advisories/GHSA-crh6-fp67-6883
No fix available
node_modules/xmldom
canvg-browser *
Depends on vulnerable versions of xmldom
node_modules/canvg-browser
draw2d *
Depends on vulnerable versions of canvg-browser
node_modules/draw2d
3 vulnerabilities (2 low, 1 critical)
Some issues need review, and may require choosing
a different dependency.
Looks like it needs some version bump or a fix