Description

The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that triggers an eval operation.

Remediation

References

http://portal.nodesecurity.io/advisories/js-yaml

https://nealpoole.com/blog/2013/06/code-execution-via-yaml-in-js-yaml-nodejs-module/

Related Vulnerabilities

CVE-2018-1000608 Vulnerability in maven package org.jenkins-ci.plugins:zos-connector

CVE-2019-12407 Vulnerability in maven package org.apache.jspwiki:jspwiki-war

CVE-2018-1000008 Vulnerability in maven package org.jvnet.hudson.plugins:pmd

CVE-2023-4853 Vulnerability in maven package io.quarkus:quarkus-keycloak-authorization

CVE-2020-9480 Vulnerability in maven package org.apache.spark:spark-network-shuffle_2.10

Severity

Critical

Classification

CWE-20

Tags

Vendor Advisory Exploit