Information on source package node-dompurify

Available versions

ReleaseVersion
bookworm2.4.1+dfsg+~2.4.0-2+deb12u1
bookworm (security)2.4.1+dfsg+~2.4.0-2
trixie3.1.7+dfsg+~3.0.5-2
forky3.3.3+dfsg-2
sid3.3.3+dfsg-2

Open issues

BugbookwormtrixieforkysidDescription
CVE-2026-41240vulnerablevulnerablevulnerablevulnerableDOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathM ...
CVE-2026-41239vulnerablevulnerablevulnerablevulnerableDOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathM ...
CVE-2026-41238vulnerablevulnerablevulnerablevulnerableDOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathM ...
CVE-2026-0540vulnerablevulnerablefixedfixedDOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in commit ...
CVE-2025-26791vulnerable (no DSA)fixedfixedfixedDOMPurify before 3.2.4 has an incorrect template literal regular expre ...
CVE-2025-15599vulnerablevulnerablefixedfixedDOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross- ...

Open unimportant issues

BugbookwormtrixieforkysidDescription
CVE-2025-48050vulnerablevulnerablefixedfixedIn DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ...

Resolved issues

BugDescription
CVE-2024-48910DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for H ...
CVE-2024-47875DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for H ...
CVE-2024-45801DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for H ...

Security announcements

DSA / DLADescription
DSA-5790-1node-dompurify - security update
Search for package or bug name: Reporting problems