U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2022-39353

Change History

Initial Analysis by NIST 11/04/2022 8:29:27 AM

Action Type Old Value New Value
Added CPE Configuration

     *cpe:2.3:a:xmldom_project:xmldom:*:*:*:*:*:node.js:*:* versions up to (excluding) 0.6.0
     *cpe:2.3:a:xmldom_project:xmldom:*:*:*:*:*:node.js:*:* versions from (including) 0.7.0 up to (excluding) 0.7.7
     *cpe:2.3:a:xmldom_project:xmldom:*:*:*:*:*:node.js:*:* versions from (including) 0.8.0 up to (excluding) 0.8.4
Added CVSS V3.1

Added CWE

Changed Reference Type
https://github.com/jindw/xmldom/issues/150 No Types Assigned
https://github.com/jindw/xmldom/issues/150 Exploit, Issue Tracking, Third Party Advisory
Changed Reference Type
https://github.com/xmldom/xmldom/security/advisories/GHSA-crh6-fp67-6883 No Types Assigned
https://github.com/xmldom/xmldom/security/advisories/GHSA-crh6-fp67-6883 Third Party Advisory