Open stevenveerbeek opened 1 year ago
Hi,
I'm using kdbxweb as a dependency in my project, and a Nexus IQ dependency check resulted in a high severity security violation for @xmldom/xmldom, which is a direct dependency of kdbxweb, and thus a transitive dependency for my project.
Please find the details of the vulnerability here: https://nvd.nist.gov/vuln/detail/CVE-2022-37616
It would be very much appreciated if you could fix this vulnerability and publish a new version of kdbxweb. Thanks in advance!
Best,
Steven
Hi,
I'm using kdbxweb as a dependency in my project, and a Nexus IQ dependency check resulted in a high severity security violation for @xmldom/xmldom, which is a direct dependency of kdbxweb, and thus a transitive dependency for my project.
Please find the details of the vulnerability here: https://nvd.nist.gov/vuln/detail/CVE-2022-37616
It would be very much appreciated if you could fix this vulnerability and publish a new version of kdbxweb. Thanks in advance!
Best,
Steven