Lucene search
Neal PooleNODEJS:16HistoryOct 17, 2015 - 7:41 p.m.
Deserialization Code Execution
2015-10-1719:41:46
Neal Poole
www.npmjs.com
30
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Overview
Versions 2.0.4 and earlier of js-yaml are affected by a code execution vulnerability in the YAML deserializer.
Proof of Concept
const yaml = require('js-yaml');
const x = `test: !!js/function >
function f() {
console.log(1);
}();`
yaml.load(x);
Recommendation
Update js-yaml to version 2.0.5 or later, and ensure that all instances where the .load() method is called are updated to use .safeLoad() instead.
References
Related
packetstorm
packetstorm
Nodejs js-yaml load() Code Execution
2013-09-25 00:00:00
osv
osv
Deserialization Code Execution in js-yaml
2017-10-24 18:33:37
github
github
Deserialization Code Execution in js-yaml
2017-10-24 18:33:37
prion
prion
Code injection
2013-06-28 14:55:00
zdt
zdt
Nodejs js-yaml load() Code Execution Vulnerability
2013-09-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Nodejs js-yaml load() Code Execution (CVE-2013-4660)
2013-12-22 00:00:00
cve
cve
CVE-2013-4660
2013-06-28 14:55:00
securityvulns
securityvulns
[oss-security] CVE request: various NodeJS module vulnerabilities
2014-05-15 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related for NODEJS:16