GHSA-xxvw-45rp-3mj2

Suggest an improvement
Source
https://github.com/advisories/GHSA-xxvw-45rp-3mj2
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-xxvw-45rp-3mj2/GHSA-xxvw-45rp-3mj2.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-xxvw-45rp-3mj2
Aliases
  • CVE-2013-4660
Published
2017-10-24T18:33:37Z
Modified
2023-11-08T03:57:24.142876Z
Summary
Deserialization Code Execution in js-yaml
Details

Versions 2.0.4 and earlier of js-yaml are affected by a code execution vulnerability in the YAML deserializer.

Proof of Concept

const yaml = require('js-yaml');

const x = `test: !!js/function >
function f() { 
console.log(1); 
}();`

yaml.load(x);

Recommendation

Update js-yaml to version 2.0.5 or later, and ensure that all instances where the .load() method is called are updated to use .safeLoad() instead.

Database specific 
{
    "nvd_published_at": null,
    "severity": "CRITICAL",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-20"
    ],
    "github_reviewed_at": "2020-06-16T22:05:02Z"
}
References

Affected packages

npm / js-yaml

Package

Name
js-yaml
View open source insights on deps.dev
Purl
pkg:npm/js-yaml

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.5