@types/yaml
Releases12
Frequency1 month 3 weeks
Last Release
Stub TypeScript definitions entry for yaml, which provides its own types definitions
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| = *, >= 2.0.0-5, < 2.2.2 | 7.5 HIGH | — | ||
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5. | ||||
| < 2.2.4 | 7.5 HIGH | — | ||
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. | ||||
| < 2.2.3 | 5.5 MEDIUM | — | ||
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector. | ||||
| = 3.0.0 | 7.5 HIGH | 5 MEDIUM | ||
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. | ||||