Lucene search
+L

6 matches found

susecve
susecve
added 2026/04/03 11:25 p.m.9 views

SUSE CVE-2026-34601

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...

7.5CVSS5.7AI score0.00472EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/04/03 1:6 p.m.6 views

CVE-2026-34601

A flaw was found in xmldom. A remote attacker can exploit this by inserting specific character sequences, known as the CDATA Character Data terminator , into a CDATASection node. When the XML is serialized, these sequences are not properly handled, allowing them to be interpreted as active XML...

7.5CVSS5.9AI score0.00472EPSS
Exploits0References7
osv
osv
added 2026/04/02 6:16 p.m.3 views

DEBIAN-CVE-2026-34601

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...

7.5CVSS5.2AI score0.00472EPSS
Exploits0References1
nvd
nvd
added 2026/04/02 6:16 p.m.3 views

CVE-2026-34601

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...

7.5CVSS0.00472EPSS
Exploits0References7
debiancve
debiancve
added 2026/04/02 5:47 p.m.7 views

CVE-2026-34601

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...

7.5CVSS5.2AI score0.00472EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.6 views

PT-2026-29497

Name of the Vulnerable Software and Affected Versions xmldom versions 0.6.0 and prior, and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9 Description The xmldom library contains a flaw where attacker-controlled strings including the CDATA terminator can be inserted into a CDATASection node...

7.5CVSS5.8AI score0.00472EPSS
Exploits0References19
Rows per page
Query Builder