Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
js-yaml project js-yaml vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv3
CVE-2020-7738
All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().
Shiba Project Shiba
NA
CVE-2013-4660
The JS-YAML module prior to 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote malicious users to execute arbitrary code via a crafted string that triggers an eval operation.
Js-yaml Project Js-yaml
Js-yaml Project Js-yaml 0.2.2
Js-yaml Project Js-yaml 2.0.0
Js-yaml Project Js-yaml 1.0.1
Js-yaml Project Js-yaml 0.3.2
Js-yaml Project Js-yaml 0.3.3
Js-yaml Project Js-yaml 2.0.2
Js-yaml Project Js-yaml 0.2.0
Js-yaml Project Js-yaml 0.3.0
Js-yaml Project Js-yaml 2.0.1
Js-yaml Project Js-yaml 1.0.2
Js-yaml Project Js-yaml 1.0.0
Js-yaml Project Js-yaml 0.3.4
Js-yaml Project Js-yaml 0.3.5
Js-yaml Project Js-yaml 1.0.3
Js-yaml Project Js-yaml 0.2.1
Js-yaml Project Js-yaml 0.3.6
Js-yaml Project Js-yaml 2.0.3
Js-yaml Project Js-yaml 0.3.1
Js-yaml Project Js-yaml 0.3.7
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started