npm shows vulnerabilities with dep fast-xml-parser

Output npm audit:
# npm audit report

fast-xml-parser  <=4.2.3
Severity: high
fast-xml-parser vulnerable to Regex Injection via Doctype Entities - https://github.com/advisories/GHSA-6w63-h3fj-q4vw
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name - https://github.com/advisories/GHSA-x3cc-x39p-42qx
No fix available
node_modules/fast-xml-parser
  boardgamegeekclient  *
  Depends on vulnerable versions of fast-xml-parser
  node_modules/boardgamegeekclient

2 high severity vulnerabilities

Maybe not as important for most usecases, just thought you should know and I think they fixed the issue with a newer release so changing the version should fix the warning.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

npm shows vulnerabilities with dep fast-xml-parser #48

npm audit report

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

npm shows vulnerabilities with dep fast-xml-parser #48

Description

npm audit report

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions