Back to bug 1987330
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2021-07-29 14:03:58 UTC | Depends On | 1987331 | |
| Guilherme de Almeida Suckevicz | 2021-07-29 14:04:08 UTC | Blocks | 1987332 | |
| Jan Werner | 2021-07-30 18:45:36 UTC | CC | aileenc, chazlett, drieden, ggaughan, gmalinko, janstey, jochrist, jwon | |
| Chess Hazlett | 2021-07-30 21:52:28 UTC | Flags | needinfo?(jochrist) | |
| Jonathan Christison | 2021-08-02 11:16:26 UTC | CC | aos-bugs, rfreiman | |
| Depends On | 1989054 | |||
| Flags | needinfo?(jochrist) | |||
| Jan Werner | 2021-09-07 12:57:09 UTC | Doc Text | The xmldom library is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. Invalid processing of xml document could lead to a loss of confidentiality or integrity of data in the application using the vulnerable library. | |
| Fixed In Version | xmldom 0.7.0 | |||
| RaTasha Tillery-Smith | 2021-09-22 13:53:13 UTC | Doc Text | The xmldom library is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. Invalid processing of xml document could lead to a loss of confidentiality or integrity of data in the application using the vulnerable library. | A flaw was found in nodejs-xmldom. The xmldom library is an open-source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. Xmldom does not correctly escape special characters when serializing elements removed from their ancestor. This flaw may lead to unexpected syntactic changes during XML processing in some downstream applications. Invalid processing of XML documents could lead to a loss of confidentiality or integrity of data in the application using the vulnerable library. |
| Red Hat Bugzilla | 2022-04-19 04:39:08 UTC | CC | ggaughan | |
| Red Hat Bugzilla | 2022-10-08 04:27:52 UTC | CC | gghezzo | |
| Red Hat Bugzilla | 2023-05-15 18:09:18 UTC | CC | drieden | |
| Red Hat Bugzilla | 2023-07-07 08:31:00 UTC | Assignee | security-response-team | nobody |
Back to bug 1987330