[GHSA-8j8c-7jfh-h6hx] Code Injection in js-yaml

advisories/github-reviewed/2019/06/GHSA-8j8c-7jfh-h6hx/GHSA-8j8c-7jfh-h6hx.json

@@ -1,27 +1,25 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8j8c-7jfh-h6hx",
-  "modified": "2020-08-31T18:36:43Z",
+  "modified": "2023-11-29T20:43:52Z",
   "published": "2019-06-04T20:14:07Z",
   "aliases": [
 
   ],
   "summary": "Code Injection in js-yaml",
   "details": "Versions of `js-yaml` prior to 3.13.1 are vulnerable to Code Injection. The `load()` function may execute arbitrary code injected through a malicious YAML file. Objects that have `toString` as key, JavaScript code as value and are used as explicit mapping keys allow attackers to execute the supplied code through the `load()` function. The `safeLoad()` function is unaffected.\n\nAn example payload is \n`{ toString: !<tag:yaml.org,2002:js/function> 'function (){return Date.now()}' } : 1` \nwhich returns the object \n{\n  \"1553107949161\": 1\n}\n\n\n## Recommendation\n\nUpgrade to version 3.13.1.",
   "severity": [
-
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N"
+    }
   ],
   "affected": [
     {
       "package": {
         "ecosystem": "npm",
         "name": "js-yaml"
       },
-      "ecosystem_specific": {
-        "affected_functions": [
-          "(js-yaml).load"
-        ]
-      },
       "ranges": [
         {
           "type": "ECOSYSTEM",
@@ -55,7 +53,7 @@
     "cwe_ids": [
       "CWE-94"
     ],
-    "severity": "HIGH",
+    "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2019-06-04T20:13:53Z",
     "nvd_published_at": null