Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2023-26920 affecting fast-xml-parser #28

Closed
guaycuru opened this issue Aug 14, 2023 · 2 comments
Closed

CVE-2023-26920 affecting fast-xml-parser #28

guaycuru opened this issue Aug 14, 2023 · 2 comments
Labels
enhancement New feature or request

Comments

@guaycuru
Copy link

fast-xml-parser < 4.1.2 is affected by CVE-2023-26920.
Would it be possible to release a new test-results-reporter version that requires fast-xml-parser v4.1.2 or above?
@ASaiAnudeep ASaiAnudeep added the enhancement New feature or request label Aug 23, 2023
nafeger added a commit to nafeger/test-results-reporter-parser that referenced this issue Oct 20, 2023
@nafeger
Upgrade to fast-xml-parser 4.3.2
4ad2d74 
This moves this project to the new version of the xml parser.
There are some differences in this new parser specifically related to how it turns elements into arrays. This is not something that must be done explicitly, which can be seen in helper.js

test-results-reporter#28
@nafeger nafeger mentioned this issue Oct 20, 2023
Merged
@ASaiAnudeep
Copy link
Member

Upgraded the version of fast-xml-parser to latest in #31

@guaycuru-fc
Copy link

@ASaiAnudeep Awesome, now we only need a new test-results-reporter version to be released :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@guaycuru @ASaiAnudeep @guaycuru-fc