Package impact
npm / dompurify
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47875 | high | — | 8.0 | 2y ago | Important: grafana security update | |||
| CVE-2026-41240 | medium | 6.1 | 6.1 | 1mo ago | DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBID_TAGS and FORBID_ATTR handling when function-based ADD_TA… |