Lucene search
PRIOn knowledge basePRION:CVE-2013-4660HistoryJun 28, 2013 - 2:55 p.m.
Code injection
2013-06-2814:55:00
PRIOn knowledge base
www.prio-n.com
5
8 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.93 High
EPSS
Percentile
99.0%
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that triggers an eval operation.
Related
packetstorm
packetstorm
Nodejs js-yaml load() Code Execution
2013-09-25 00:00:00
osv
osv
Deserialization Code Execution in js-yaml
2017-10-24 18:33:37
github
github
Deserialization Code Execution in js-yaml
2017-10-24 18:33:37
checkpoint_advisories
checkpoint_advisories
Nodejs js-yaml load() Code Execution (CVE-2013-4660)
2013-12-22 00:00:00
cve
cve
CVE-2013-4660
2013-06-28 14:55:00
nodejs
nodejs
Deserialization Code Execution
2015-10-17 19:41:46
zdt
zdt
Nodejs js-yaml load() Code Execution Vulnerability
2013-09-26 00:00:00
securityvulns
securityvulns
[oss-security] CVE request: various NodeJS module vulnerabilities
2014-05-15 00:00:00
8 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.93 High
EPSS
Percentile
99.0%
Related for PRION:CVE-2013-4660