VYPR

npm package

min-document

pkg:npm/min-document

Vulnerabilities (1)

  • CVE-2025-57352MedSep 24, 2025
    affected < 2.19.1fixed 2.19.1

    A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the __proto__ property, an attacker can manipulate the prototype chain of