Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

dompurify

Ecosystem:
npm
Package URL:
pkg:npm/dompurify
Total PRs:
3,146 Dependabot PRs
Latest PR:
about 7 hours ago
Unique Repositories:
1,816 repositories
Unique Repos (30 days):
481 repositories
Security Advisories
DOMPurify contains a Cross-site Scripting vulnerability
GHSA-v8jm-5vwx-cfxm CVE-2025-15599 MODERATE published 18 days ago • updated 17 days ago
DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute saniti...
DOMpurify has a nesting-based mXSS
GHSA-gx9m-whjm-85jf CVE-2024-47875 HIGH published over 1 year ago • updated 13 days ago
DOMpurify was vulnerable to nesting-based mXSS fixed by [0ef5e537](https://github.com/cure53/DOMPurify/tree/0ef5e537a514f904b6aa1d7ad9e749e365d71...
DOMPurify allows Cross-site Scripting (XSS)
GHSA-vhxf-7vqr-mrjg CVE-2025-26791 MODERATE published about 1 year ago • updated 14 days ago
DOMPurify before 3.2.4 has an incorrect template literal regular expression when SAFE_FOR_TEMPLATES is set to true, sometimes leading to mutation c...
DOMPurify Open Redirect vulnerability
GHSA-8hgg-xxm5-3873 CVE-2019-25155 MODERATE published over 2 years ago • updated 14 days ago
DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel="noopener noreferrer"' attribute.
DOMPurify vulnerable to tampering by prototype polution
GHSA-p3vf-v8qc-cwcr CVE-2024-48910 CRITICAL published over 1 year ago • updated 13 days ago
dompurify was vulnerable to prototype pollution Fixed by https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc
View all 10 advisories
Recent PRs
RSS Feed
chore(deps): bump the npm_and_yarn group across 1 directory with 11 updates

ruchernchong/blog #295

3.3.1 → 3.3.3 Patch PR
Open about 7 hours ago 2 comments
ruchernchong
build(deps): bump the minor-patches group with 27 updates

noa10/mataresit #4

3.3.2 → 3.3.3 Patch PR
Open about 8 hours ago 2 comments
noa10
chore(deps): bump dompurify from 2.5.8 to 3.3.3

OneCommunityGlobal/HighestGoodNetworkApp #5041

2.5.8 → 3.3.3 Major PR
Open about 8 hours ago 2 comments
OneCommunityGlobal
Bump the npm_and_yarn group across 4 directories with 18 updates

gcolon75/Project-Valine #440

3.3.0 → 3.3.2 Patch PR
Open about 12 hours ago 3 comments
gcolon75
chore(deps): bump the npm_and_yarn group across 1 directory with 13 updates

prefeitura-betim/compliance-iegm-dashboard #18

3.3.1 → 3.3.3 Patch PR
Open about 13 hours ago 2 comments
prefeitura-betim
Bump dompurify and swagger-ui-react

lightapi/portal-view #502

3.2.6 → 3.3.3 Minor PR
Closed about 14 hours ago 1 comment
lightapi
chore(deps): bump dompurify from 3.3.1 to 3.3.2

Vanshdeepsingh-2232/flowread #4

3.3.1 → 3.3.2 Patch PR
Open about 17 hours ago 1 comment
Vanshdeepsingh-2232
chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates

TrueBankai416/BankaiTechDocs #414

3.3.1 → 3.3.3 Patch PR
Open about 18 hours ago 1 comment
TrueBankai416
Bump dompurify from 3.3.1 to 3.3.3 in /webui

alliance-genome/agr_pavi #891

3.3.1 → 3.3.3 Patch PR
Open about 18 hours ago 20 comments
alliance-genome
chore(deps): bump the minor-and-patch group across 1 directory with 51 updates

Inovico-app/inovy #569

3.3.2 → 3.3.3 Patch PR
Open about 19 hours ago 2 comments
Inovico-app
Bump the npm_and_yarn group across 1 directory with 6 updates

richardjm/richardjm.github.io #3

3.3.1 → 3.3.3 Patch PR
Closed about 21 hours ago 2 comments
richardjm
chore(deps): bump the npm-minor-patch group across 1 directory with 212 updates

weiyb852/VoiceHub-8afce #8

3.3.1 → 3.3.3 Patch PR
Open 1 day ago 1 comment
weiyb852
chore(deps): bump the npm-minor-patch group across 1 directory with 212 updates

weiyb852/VoiceHub-8a016 #8

3.3.1 → 3.3.3 Patch PR
Open 1 day ago 1 comment
weiyb852
chore(deps): bump the npm-minor-patch group across 1 directory with 161 updates

Wenzixi2010/VoiceHub #3

3.3.2 → 3.3.3 Patch PR
Open 1 day ago 2 comments
Wenzixi2010
Bump the npm_and_yarn group across 4 directories with 17 updates

gcolon75/Project-Valine #437

3.3.0 → 3.3.2 Patch PR
Open 1 day ago 4 comments
gcolon75
Bump the npm_and_yarn group across 24 directories with 9 updates

jgeofil/screenpipe #19

3.1.6 → 3.3.3 Minor PR
Open 1 day ago 1 comment
jgeofil
build(deps): bump the npm_and_yarn group across 1 directory with 11 updates

preechapon250/h3 #2

3.3.1 → 3.3.3 Patch PR
Closed 1 day ago 1 comment
preechapon250
Bump the npm_and_yarn group across 6 directories with 13 updates

Enterprise-CMCS/macpro-mdct-seds #15355

3.3.1 → 3.3.2 Patch PR
Closed 1 day ago 2 comments
Enterprise-CMCS
chore(deps): bump the npm_and_yarn group across 1 directory with 3 updates

agentscope-ai/agentscope-java #1001

3.3.0 → 3.3.2 Patch PR
Open 2 days ago 1 comment
agentscope-ai
chore(deps): bump the npm_and_yarn group across 1 directory with 15 updates

open-webui/open-webui #22872

3.2.6 → 3.3.3 Minor PR
Closed 2 days ago 3 comments
open-webui
chore(deps): bump the minor-and-patch group across 1 directory with 29 updates

stephendeslate/lifeplace-app #121

3.2.6 → 3.3.3 Minor PR
Open 2 days ago 5 comments
stephendeslate
build(deps): bump dompurify from 3.2.5 to 3.3.3 in /api

OpenMi-co-jp/ideee #1643

3.2.5 → 3.3.3 Minor PR
Open 2 days ago 2 comments
OpenMi-co-jp
chore(deps): bump the npm_and_yarn group across 11 directories with 15 updates

cezary13k/continue #2

3.3.1 → 3.3.3 Patch PR
Closed 2 days ago 1 comment
cezary13k
chore(deps): bump the production group across 1 directory with 11 updates

ElderEvil/falloutProject #252

3.3.2 → 3.3.3 Patch PR
Open 2 days ago 1 comment
ElderEvil
chore(deps): bump dompurify from 3.3.1 to 3.3.3 in /frontend

AyusmanNanda/college-management-system #143

3.3.1 → 3.3.3 Patch PR
Open 3 days ago 1 comment
AyusmanNanda
Bump the npm_and_yarn group across 1 directory with 7 updates

Reality2byte/vault #372

3.2.6 → 3.3.2 Minor PR
Closed 3 days ago 1 comment
Reality2byte
Bump the npm_and_yarn group across 16 directories with 18 updates

jgeofil/hash #21

3.2.1 → 3.3.3 Minor PR
Closed 3 days ago 2 comments
jgeofil
chore(deps): bump the npm_and_yarn group across 8 directories with 10 updates

affaan-m/stoictradingAI #21

3.2.2 → 3.3.2 Minor PR
Open 3 days ago 2 comments
affaan-m
Bump dompurify from 3.2.6 to 3.3.3 in /website in the npm_and_yarn group across 1 directory

beyond-the-cloud-dev/soql-lib #282

3.2.6 → 3.3.3 Minor PR
Open 3 days ago 2 comments
beyond-the-cloud-dev
chore(deps): bump dompurify from 3.3.1 to 3.3.3

DataBiosphere/data-browser #4708

3.3.1 → 3.3.3 Patch PR
Closed 4 days ago 1 comment
DataBiosphere
chore(deps): bump the npm_and_yarn group across 4 directories with 7 updates

aknibircse/langFusedFork #2

3.2.4 → 3.3.2 Minor PR
Closed 4 days ago 1 comment
aknibircse
deps: bump dompurify from 3.3.1 to 3.3.2

City-of-Helsinki/open-city-profile-ui #502

3.3.1 → 3.3.2 Patch PR
Open 4 days ago 1 comment
City-of-Helsinki
chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates

marzoouq/waqf-mr #9

3.3.1 → 3.3.3 Patch PR
Closed 4 days ago 1 comment
marzoouq
deps: bump dompurify from 3.3.1 to 3.3.2

City-of-Helsinki/palvelutarjotin-admin #445

3.3.1 → 3.3.2 Patch PR
Open 4 days ago 1 comment
City-of-Helsinki
chore(deps): bump the npm_and_yarn group across 1 directory with 7 updates

Shards-foundation/swarm-agent #35

3.3.0 → 3.3.3 Patch PR
Open 4 days ago 1 comment
Shards-foundation
chore(deps): bump the npm_and_yarn group across 5 directories with 12 updates

naywint3/web #8

3.2.6 → 3.3.2 Minor PR
Closed 4 days ago 1 comment
naywint3
Bump the npm_and_yarn group across 3 directories with 9 updates

sethchyna-ux/vscode-openapi #14

3.3.0 → 3.3.3 Patch PR
Closed 4 days ago 1 comment
sethchyna-ux
chore(deps): bump the npm_and_yarn group across 1 directory with 8 updates

hyperledger-identus/docs #251

3.3.0 → 3.3.3 Patch PR
Open 4 days ago 1 comment
hyperledger-identus
Bump dompurify from 3.3.2 to 3.3.3

SAHearn1/neurolearn #360

3.3.2 → 3.3.3 Patch PR
Open 4 days ago 2 comments
SAHearn1
chore(deps): bump the npm_and_yarn group across 1 directory with 36 updates

mrheyday/app #14

2.4.1 → 3.3.2 Major PR
Open 4 days ago 1 comment
mrheyday
build(deps): bump the npm_and_yarn group across 4 directories with 20 updates

HunterSides/excalidraw #2

3.0.11 → 3.3.3 Minor PR
Closed 4 days ago 1 comment
HunterSides
Chore(deps): Bump the npm_and_yarn group across 2 directories with 4 updates

WilsonLe/Rocket.Chat #13

2.5.9 → 3.3.3 Major PR
Closed 4 days ago 1 comment
WilsonLe
chore(deps): bump the npm_and_yarn group across 1 directory with 12 updates

prefeitura-betim/compliance-iegm-dashboard #17

3.3.1 → 3.3.3 Patch PR
Closed 4 days ago 3 comments
prefeitura-betim
chore(deps): bump the npm_and_yarn group across 1 directory with 4 updates

hamdanialaa3/New-Globul-Cars #51

3.3.1 → 3.3.3 Patch PR
Closed 4 days ago 1 comment
hamdanialaa3
Bump the npm_and_yarn group across 1 directory with 9 updates

arpitjain099/cdc-open-viz #6

3.2.4 → 3.3.2 Minor PR
Closed 4 days ago 1 comment
arpitjain099
Bump dompurify from 3.3.2 to 3.3.3 in /frontend

admariner/streamlit #958

3.3.2 → 3.3.3 Patch PR
Closed 5 days ago 3 comments
admariner
chore(deps): bump the npm-dependencies group in /booklore-ui with 26 updates

erblore/erblore #7

3.3.2 → 3.3.3 Patch PR
Open 5 days ago 3 comments
erblore
chore(deps): bump the npm-dependencies group in /booklore-ui with 26 updates

ekkolyth/ekkolore #7

3.3.2 → 3.3.3 Patch PR
Open 5 days ago 3 comments
ekkolyth
Bump dompurify from 3.3.2 to 3.3.3 in /frontend

sthagen/streamlit-streamlit #487

3.3.2 → 3.3.3 Patch PR
Open 5 days ago 1 comment
sthagen
chore(deps): bump the js-patch-minor group across 1 directory with 38 updates

siddharthanagula3/agiworkforce-desktop-app #293

3.3.2 → 3.3.3 Patch PR
Closed 5 days ago 2 comments
siddharthanagula3
Package Details
Name: dompurify
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/dompurify
JSON API: View JSON
Security Advisories

10

Active advisories
CRITICAL 2
HIGH 2
MODERATE 6
View All npm Advisories
Package Information
Description:

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin

Repository: https://github.com/cure53/DOMPurify
Homepage: https://github.com/cure53/DOMPurify
Latest Release: 3.2.6
10 months ago
Dependent Repos: 56,633
Dependent Packages: 1,705
Downloads: 43,072,032
Ranking: Top 0.1284% by dependent repos Top 0.0589% by downloads Top 0.0449% by dependent pkgs
PR Status
Open 1,705 (54.2%)
Merged 269 (8.6%)
Closed 926 (29.4%)
PR Types
Removal 1 (0.0%)
Minor 983 (31.2%)
Major 391 (12.4%)
Patch 1,494 (47.5%)