Uncaught Exception in yaml

Description

Uncaught Exception in GitHub repository eemeli/yaml starting at version 2.0.0-5 and prior to 2.2.2.

Recommendation

Update the yaml package to the latest compatible version. Followings are version details:

• Affected version(s): >= 2.0.0-5, < 2.2.2
• Patched version(s): 2.2.2

References

• GHSA-f9xv-q969-pqx4
• huntr.dev
• CVE-2023-2251
• CWE-248
• CAPEC-310
• OWASP 2021-A6

Related Issues

• SvelteKit vulnerable to Cross-Site Request Forgery - CVE-2023-29003
• Feathers socket handler allows abusing implicit toString - @feathersjs/socketio - CVE-2023-37899
• Feathers socket handler allows abusing implicit toString - CVE-2023-37899
• Follow Redirects improperly handles URLs in the url.parse() function - CVE-2023-26159

You might also like:

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:

npm

yaml