EPSS
Percentile
44.5%
shiba is vulnerable to arbitrary code execution. The vulnerability exists through the use of the unsafe function load() in js-yaml.
load()
js-yaml
github.com/rhysd/Shiba/blob/4f31c9b5704f891e313abfe557b0492182761728/browser/config.ts#L111