You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Arbitrary Code Execution
Vulnerable module: js-yaml
Introduced through: [email protected]
Detailed paths
Introduced through: walletgenerator.net@walletgeneratornet/WalletGenerator.net › [email protected] › [email protected]
Remediation: Upgrade to [email protected].
Overview
js-yaml is a human-friendly data serialization language.
Affected versions of this package are vulnerable to Arbitrary Code Execution. When an object with an executable toString() property used as a map key, it will execute that function. This happens only for load(), which should not be used with untrusted data anyway. safeLoad() is not affected because it can't parse functions.
Arbitrary Code Execution vulnerability
The text was updated successfully, but these errors were encountered:
Arbitrary Code Execution
Vulnerable module: js-yaml
Introduced through: [email protected]
Detailed paths
Introduced through: walletgenerator.net@walletgeneratornet/WalletGenerator.net › [email protected] › [email protected]
Remediation: Upgrade to [email protected].
Overview
js-yaml is a human-friendly data serialization language.
Affected versions of this package are vulnerable to Arbitrary Code Execution. When an object with an executable toString() property used as a map key, it will execute that function. This happens only for load(), which should not be used with untrusted data anyway. safeLoad() is not affected because it can't parse functions.
Arbitrary Code Execution vulnerability
The text was updated successfully, but these errors were encountered: