pkg:npm/js-yaml

2 total CVEsMEDIUM1

✅ Check your installed version

All known vulnerabilities

  • MEDIUM5.3CVE-2025-64718js-yaml has prototype pollution in merge (<<)
    >= 4.0.0, < 4.1.1
  • CVE-2013-4660Deserialization Code Execution in js-yaml
    from 0, < 2.0.5