Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2026/06/24 2:35 a.m.9 views

SUSE CVE-2026-53550

js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size an...

5.3CVSS5.8AI score0.00259EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:59 p.m.3 views

CVE-2026-53550

js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size an...

5.3CVSS5.8AI score0.00259EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/22 2:59 p.m.16 views

CVE-2026-53550 js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases

js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size an...

5.3CVSS5.8AI score0.00259EPSS
Exploits1References1
CVE
CVE
added 2026/06/22 2:59 p.m.135 views

CVE-2026-53550

js-yaml vulnerability CVE-2026-53550 stems from the merge-key handling (<<) in lib/loader.js, causing quadratic parse-time DoS when processing crafted YAML with repeated aliases prior to version 4.2.0. Affected: js-yaml

5.3CVSS5.8AI score0.00259EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 2:59 p.m.41 views

CVE-2026-53550 js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases

js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size an...

5.3CVSS0.00259EPSS
Exploits1References1
Patchstack
Patchstack
added 2026/06/15 5:15 p.m.6 views

NPM: JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases

NPM: JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases vulnerability discovered by ? in WordPress Npm js-yaml versions = 4.1.1...

5.3CVSS5.8AI score0.00259EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/15 5:15 p.m.8 views

GHSA-H67P-54HQ-RP68 JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases

Summary A crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relative...

5.3CVSS5.6AI score0.00259EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.63 views

PT-2026-49573

Name of the Vulnerable Software and Affected Versions js-yaml versions prior to 4.2.0 Description A crafted YAML document can trigger algorithmic CPU exhaustion during merge-key processing by repeating the same alias multiple times in a merge sequence. This results in quadratic parse-time behavio...

5.3CVSS5.8AI score0.00259EPSS
Exploits1References19
Rows per page
Query Builder