Arbitrary Code Execution in js-yaml

Do your applications use this vulnerable package? Test your applications

Overview

js-yaml is a human-friendly data serialization language.

Affected versions of this package are vulnerable to Arbitrary Code Execution. When an object with an executable toString() property used as a map key, it will execute that function. This happens only for load(), which should not be used with untrusted data anyway. safeLoad() is not affected because it can't parse functions.

Remediation

Upgrade js-yaml to version 3.13.1 or higher.

References

GitHub Commit
GitHub PR
NPM Security Advisory

Attack Vector

Network
Attack Complexity

High
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

High
Availability

High

Credit: Alex Kocharin
CWE: CWE-94
Snyk ID: SNYK-JS-JSYAML-174129
Disclosed: 05 Apr, 2019
Published: 07 Apr, 2019

Arbitrary Code Execution
Affecting js-yaml package, versions <3.13.1

Overview

Remediation

References

CVSS Score

Arbitrary Code Execution Affecting js-yaml package, versions <3.13.1

Overview

Remediation

References

Arbitrary Code Execution
Affecting js-yaml package, versions <3.13.1