yaml

yaml is vulnerable to Stack Overflow via deeply nested YAML collections

Uncaught Exception in yaml

Deserialization Code Execution in js-yaml

Malicious code in bender-lyaml-loader (npm)

Heap Based Buffer Overflow in libyaml

Malicious code in yaml2binary (npm)

js-yaml has prototype pollution in merge (<<)

Malicious code in fake-yaml (npm)

Malicious code in javascript-yaml (npm)

Malicious code in yaml-javascript (npm)

Malicious code in yaml2stream (npm)

JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases

Malicious code in xml2yaml (npm)

Malicious code in yaml-mcp-wrapper (npm)

Malicious code in yaml-manifest-utils-mynarratorai (npm)

Renovate vulnerable to arbitrary command injection via helmv3 manager and malicious Chart.yaml file

Shamefile has an arbitrary file read via shamefile.yaml in shame next

@tinacms/cli: Remote Code Execution in @tinacms/cli via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels