3 matches found
CVE-2024-41818
fast-xml-parser is an open source, pure JavaScript XML parser. A ReDoS exists on currency.js. This vulnerability is fixed in 4.4.1.
CVE-2023-26920
fast-xml-parser before 4.1.2 allows __proto__ for Prototype Pollution.
CVE-2023-34104
fast-xml-parser is an open source, pure JavaScript XML parser. fast-xml-parser allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating a regex for searching and replacing entities in the XML body, an attacker can abuse it for denial ...