DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-47875

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-47875

CGA ID

CGA-c8mw-2r5f-43qx

Severity

10.0

Critical

CVSS V3

Summary

DOMpurify has a nesting-based mXSS

Description

DOMpurify was vulnerable to nesting-based mXSS

fixed by 0ef5e537 (2.x) and merge 943

Backporter should be aware of GHSA-mmhx-hmjr-r674 (CVE-2024-45801) when cherry-picking

POC is avaible under test

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images