Vulnerabilities > JS Yaml Project

DATE	CVE	VULNERABILITY TITLE	RISK
2013-06-28	CVE-2013-4660	Improper Input Validation vulnerability in Js-Yaml Project Js-Yaml The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that triggers an eval operation. network js-yaml-project CWE-20	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > JS Yaml Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"JS Yaml Project"}]}

Vulnerabilities > JS Yaml Project