| Release | Version |
|---|---|
| bullseye | 0.5.0-1+deb11u2 |
| bookworm | 0.8.6-1 |
| trixie | 0.9.6-1 |
| forky | 0.9.9-1 |
| sid | 0.9.9-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2026-34601 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) ... |
| CVE-2021-32796 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | xmldom is an open source pure JavaScript W3C standard-based (XML DOM L ... |
| Bug | Description |
|---|---|
| CVE-2022-39353 | xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) ... |
| CVE-2022-37616 | A prototype pollution vulnerability exists in the function copy in dom ... |
| CVE-2021-21366 | xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) ... |
| DSA / DLA | Description |
|---|---|
| DLA-3260-1 | node-xmldom - security update |
| DLA-3154-1 | node-xmldom - security update |