Skip to content

Commit a5b3c62

Browse files
maeldonnmaeldonn
committed
Resolve fast-xml-parser CVE-2026-26278 via yarn resolution
Issue: CLDSRV-868
1 parent 4b3ce9a commit a5b3c62

File tree

2 files changed

+6
-54
lines changed

2 files changed

+6
-54
lines changed

package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,8 @@
8484
},
8585
"resolutions": {
8686
"jsonwebtoken": "^9.0.0",
87-
"nan": "v2.22.0"
87+
"nan": "v2.22.0",
88+
"fast-xml-parser": "5.3.8"
8889
},
8990
"mocha": {
9091
"recursive": true,

yarn.lock

Lines changed: 4 additions & 53 deletions
Original file line numberDiff line numberDiff line change
@@ -7282,42 +7282,13 @@ fast-safe-stringify@^2.1.1:
72827282
resolved "https://registry.yarnpkg.com/fast-safe-stringify/-/fast-safe-stringify-2.1.1.tgz#c406a83b6e70d9e35ce3b30a81141df30aeba884"
72837283
integrity sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==
72847284

7285-
fast-xml-builder@^1.0.0:
7286-
version "1.1.3"
7287-
resolved "https://registry.yarnpkg.com/fast-xml-builder/-/fast-xml-builder-1.1.3.tgz#283579acba94aecf998a7e1339bc7e037195abc1"
7288-
integrity sha512-1o60KoFw2+LWKQu3IdcfcFlGTW4dpqEWmjhYec6H82AYZU2TVBXep6tMl8Z1Y+wM+ZrzCwe3BZ9Vyd9N2rIvmg==
7289-
dependencies:
7290-
path-expression-matcher "^1.1.3"
7291-
7292-
fast-xml-parser@5.2.5:
7293-
version "5.2.5"
7294-
resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.2.5.tgz#4809fdfb1310494e341098c25cb1341a01a9144a"
7295-
integrity sha512-pfX9uG9Ki0yekDHx2SiuRIyFdyAr1kMIMitPvb0YBo8SUfKvia7w7FIyd/l6av85pFYRhZscS75MwMnbvY+hcQ==
7296-
dependencies:
7297-
strnum "^2.1.0"
7298-
7299-
fast-xml-parser@5.4.1:
7300-
version "5.4.1"
7301-
resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.4.1.tgz#0c81b8ecfb3021e5ad83aa3df904af19a05bc601"
7302-
integrity sha512-BQ30U1mKkvXQXXkAGcuyUA/GA26oEB7NzOtsxCDtyu62sjGw5QraKFhx2Em3WQNjPw9PG6MQ9yuIIgkSDfGu5A==
7285+
fast-xml-parser@5.2.5, fast-xml-parser@5.3.8, fast-xml-parser@5.4.1, fast-xml-parser@^4.3.2, fast-xml-parser@^5.0.7:
7286+
version "5.3.8"
7287+
resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.3.8.tgz#b5bc2045620d1b9cf342a2aa4d72391ef0b36a9e"
7288+
integrity sha512-53jIF4N6u/pxvaL1eb/hEZts/cFLWZ92eCfLrNyCI0k38lettCG/Bs40W9pPwoPXyHQlKu2OUbQtiEIZK/J6Vw==
73037289
dependencies:
7304-
fast-xml-builder "^1.0.0"
73057290
strnum "^2.1.2"
73067291

7307-
fast-xml-parser@^4.3.2:
7308-
version "4.5.4"
7309-
resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-4.5.4.tgz#64e52ddf1308001893bd225d5b1768840511c797"
7310-
integrity sha512-jE8ugADnYOBsu1uaoayVl1tVKAMNOXyjwvv2U6udEA2ORBhDooJDWoGxTkhd4Qn4yh59JVVt/pKXtjPwx9OguQ==
7311-
dependencies:
7312-
strnum "^1.0.5"
7313-
7314-
fast-xml-parser@^5.0.7:
7315-
version "5.0.9"
7316-
resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.0.9.tgz#5b64c810e70941a9c07b07ead8299841fbb8dd76"
7317-
integrity sha512-2mBwCiuW3ycKQQ6SOesSB8WeF+fIGb6I/GG5vU5/XEptwFFhp9PE8b9O7fbs2dpq9fXn4ULR3UsfydNUCntf5A==
7318-
dependencies:
7319-
strnum "^2.0.5"
7320-
73217292
"fcntl@github:scality/node-fcntl#0.3.0":
73227293
version "0.3.0"
73237294
resolved "https://codeload.github.com/scality/node-fcntl/tar.gz/397840a8842e6d8067b6be8c22f1a2b81486f123"
@@ -9935,11 +9906,6 @@ path-exists@^4.0.0:
99359906
resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-4.0.0.tgz#513bdbe2d3b95d7762e8c1137efa195c6c61b5b3"
99369907
integrity sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==
99379908

9938-
path-expression-matcher@^1.1.3:
9939-
version "1.1.3"
9940-
resolved "https://registry.yarnpkg.com/path-expression-matcher/-/path-expression-matcher-1.1.3.tgz#8bf7c629dc1b114e42b633c071f06d14625b4e0d"
9941-
integrity sha512-qdVgY8KXmVdJZRSS1JdEPOKPdTiEK/pi0RkcT2sw1RhXxohdujUlJFPuS1TSkevZ9vzd3ZlL7ULl1MHGTApKzQ==
9942-
99439909
path-is-absolute@^1.0.0:
99449910
version "1.0.1"
99459911
resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
@@ -11041,21 +11007,6 @@ strip-json-comments@^5.0.2:
1104111007
resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-5.0.3.tgz#b7304249dd402ee67fd518ada993ab3593458bcf"
1104211008
integrity sha512-1tB5mhVo7U+ETBKNf92xT4hrQa3pm0MZ0PQvuDnWgAAGHDsfp4lPSpiS6psrSiet87wyGPh9ft6wmhOMQ0hDiw==
1104311009

11044-
strnum@^1.0.5:
11045-
version "1.1.2"
11046-
resolved "https://registry.yarnpkg.com/strnum/-/strnum-1.1.2.tgz#57bca4fbaa6f271081715dbc9ed7cee5493e28e4"
11047-
integrity sha512-vrN+B7DBIoTTZjnPNewwhx6cBA/H+IS7rfW68n7XxC1y7uoiGQBxaKzqucGUgavX15dJgiGztLJ8vxuEzwqBdA==
11048-
11049-
strnum@^2.0.5:
11050-
version "2.0.5"
11051-
resolved "https://registry.yarnpkg.com/strnum/-/strnum-2.0.5.tgz#40700b1b5bf956acdc755e98e90005d7657aaaea"
11052-
integrity sha512-YAT3K/sgpCUxhxNMrrdhtod3jckkpYwH6JAuwmUdXZsmzH1wUyzTMrrK2wYCEEqlKwrWDd35NeuUkbBy/1iK+Q==
11053-
11054-
strnum@^2.1.0:
11055-
version "2.1.1"
11056-
resolved "https://registry.yarnpkg.com/strnum/-/strnum-2.1.1.tgz#cf2a6e0cf903728b8b2c4b971b7e36b4e82d46ab"
11057-
integrity sha512-7ZvoFTiCnGxBtDqJ//Cu6fWtZtc7Y3x+QOirG15wztbdngGSkht27o2pyGWrVy0b4WAy3jbKmnoK6g5VlVNUUw==
11058-
1105911010
strnum@^2.1.2:
1106011011
version "2.2.0"
1106111012
resolved "https://registry.yarnpkg.com/strnum/-/strnum-2.2.0.tgz#8b582b637e4621f62ff714493e0ce30846f903a6"

0 commit comments

Comments
 (0)