Merge pull request #5 from Sanyug92/master

Vulnerability patch for misinterpretation of malicious XML input for xmldom package
phylp · Mar 16, 2021 · 5803a09 · 5803a09
2 parents 66402da + c9a5016
commit 5803a09
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 20 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -6,9 +6,9 @@
   "dependencies": {
     "lodash": "^4.17.20",
     "thumbprint": "^0.0.1",
-    "xml-crypto": "^2.0.0",
+    "xml-crypto": "^2.1.1",
     "xml2js": "^0.4.23",
-    "xmldom": "^0.4.0"
+    "xmldom": "^0.5.0"
   },
   "repository": {
     "type": "git",