CVE-2023-26920
CVE-2023-26920 affects the fast-xml-parser library (before 4.1.2). The issue is a Prototype Pollution flaw triggered by proto and can lead to remote code execution or denial of service, per IBM’s Cloud Pak for Data advisory (affecting 4.0.0–4.8.4; remediation to 4.8.5). NVD lists CVSSv3.1 base sc...