2 matches found
CVE-2026-53550 js-yaml: Quadratic-complexity DoS in merge key handling via repeated aliases
js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size an...
NPM: JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases
NPM: JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases vulnerability discovered by ? in WordPress Npm js-yaml versions = 4.1.1...