fast-xml-parser
Validate XML, Parse XML, Build XML without C/C++ based libraries
Security Advisories for fast-xml-parser in npm
Moderate
about 1 month ago
fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters
npm
fast-xml-parser
Moderate
2 months ago
Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation in fast-xml-parser
npm
fast-xml-parser
High
3 months ago
fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)
npm
fast-xml-parser
Low
3 months ago
fast-xml-parser has stack overflow in XMLBuilder with preserveOrder
npm
fast-xml-parser
Critical
3 months ago
fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names
npm
fast-xml-parser
High
3 months ago
fast-xml-parser affected by DoS through entity expansion in DOCTYPE (no expansion limit)
npm
fast-xml-parser
Low
almost 3 years ago
fast-xml-parser regex vulnerability patch could be improved from a safety perspective
npm
fast-xml-parser
Moderate
almost 3 years ago
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name
npm
fast-xml-parser
High
almost 3 years ago
fast-xml-parser vulnerable to Regex Injection via Doctype Entities
npm
fast-xml-parser