NPM Audit - xmldom vulnerability


```cmd
# npm audit report

xmldom  *
Severity: critical
xmldom allows multiple root nodes in a DOM - https://github.com/advisories/GHSA-crh6-fp67-6883
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q
No fix available
node_modules/xmldom
  cloud-text-to-speech  *
  Depends on vulnerable versions of xmldom
  node_modules/cloud-text-to-speech

2 critical severity vulnerabilities

Some issues need review, and may require choosing a different dependency.
```

https://github.com/xmldom/xmldom states 
> Since version 0.7.0 this package is published to npm as [@xmldom/xmldom](https://www.npmjs.com/package/@xmldom/xmldom) and no longer as [xmldom](https://www.npmjs.com/package/xmldom), because https://github.com/xmldom/xmldom/issues/271.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

NPM Audit - xmldom vulnerability #1

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

NPM Audit - xmldom vulnerability #1

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions