MEDIUM 5.9 npm
GHSA-2pr6-76vf-7546 Denial of Service in js-yaml
Modified: 8/4/2021
package
npm / js-yaml
pkg:npm/js-yaml
HIGH npm
GHSA-8j8c-7jfh-h6hx Code Injection in js-yaml
Modified: 8/31/2020
MEDIUM 5.3 npm
GHSA-h67p-54hq-rp68 · CVE-2026-53550 JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases
Modified: 6/15/2026
MEDIUM 5.3 npm
GHSA-mh29-5h37-fv8m · CVE-2025-64718 js-yaml has prototype pollution in merge (<<)
Modified: 2/4/2026
CRITICAL npm
GHSA-xxvw-45rp-3mj2 · CVE-2013-4660 Deserialization Code Execution in js-yaml
Modified: 11/8/2023