VulnerableCode Package Details - pkg:npm/node-expat@2.1.2

Search for packages

Package details: pkg:npm/node-expat@2.1.2

Essentials
History (2)

purl	pkg:npm/node-expat@2.1.2

Next non-vulnerable version	2.3.0
Latest non-vulnerable version	2.3.0
Risk	3.5

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-qjkj-j7hf-xkge Aliases: CVE-2016-5300		2.2.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-up6m-s5s7-rfft Aliases: CVE-2018-20843	In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).	2.3.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T09:23:24.361124+00:00	GitLab Importer	Affected by	VCID-up6m-s5s7-rfft	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/node-expat/CVE-2018-20843.yml	37.0.0
2025-08-01T08:56:30.876023+00:00	GitLab Importer	Affected by	VCID-qjkj-j7hf-xkge	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/node-expat/CVE-2016-5300.yml	37.0.0