OsVault/npm/yapi-vendor
npm

yapi-vendor

4 known vulnerabilities · 0 critical · 0 high

CVE-2025-70058

yapi disables TLS/SSL certificate validation via rejectUnauthorized: false in Axios HTTPS agent

Published Feb 23, 2026
CVE-2021-27884MEDIUM

Weak JSON Web Token in yapi-vendor

Published Mar 26, 2021
CVE-2021-36686MEDIUM

Cross-site Scripting in yapi-vendor

Published Jan 26, 2023
CVE-2018-17574MEDIUM

Cross-site Scripting in yapi-vendor

Published Nov 21, 2018
Check your entire dependency tree at onceRun dependency scan →