@types/yaml

@types/yaml

Releases12
Frequency1 month 3 weeks
Last Release
Stub TypeScript definitions entry for yaml, which provides its own types definitions

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
= *, >= 2.0.0-5, < 2.2.27.5 HIGH

Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5.

< 2.2.47.5 HIGH

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.

< 2.2.35.5 MEDIUM

Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.

= 3.0.07.5 HIGH5 MEDIUM

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.