Nodeca Js-yaml
2 CVEs affecting Nodeca Js-yaml. Latest disclosed: 2025-11-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-64718 | Medium | 5.3 | 2025-11-13 | js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a pa… |
CVE-2013-4660 | | 2013-06-28 | The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute ar… |