Skip to content

Commit 1f61ec1

Browse files
maximthomasmaximthomas
committed
CVE-2025-64718 js-yaml has prototype pollution in merge (<<)
1 parent eea0831 commit 1f61ec1

File tree

3 files changed

+18
-22
lines changed

3 files changed

+18
-22
lines changed

openam-ui/openam-ui-api/package-lock.json

Lines changed: 4 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

openam-ui/openam-ui-ria/package-lock.json

Lines changed: 5 additions & 16 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

openam-ui/openam-ui-ria/package.json

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -50,15 +50,21 @@
5050
"rimraf": "2.5.4",
5151
"sinon": "1.17.6",
5252
"sinon-chai": "2.8.0",
53-
"ajv": "^8.16.0"
53+
"ajv": "^8.16.0",
54+
"js-yaml": "^3.14.2"
5455
},
5556
"overrides": {
5657
"mocha": {
57-
"flat": "5.0.2"
58+
"flat": "5.0.2",
59+
"js-yaml": "$js-yaml"
5860
},
5961
"eslint": {
6062
"shelljs": "^0.8.5",
61-
"ajv": "$ajv"
63+
"ajv": "$ajv",
64+
"js-yaml": "$js-yaml"
65+
},
66+
"grunt": {
67+
"js-yaml": "$js-yaml"
6268
}
6369
}
6470
}

0 commit comments

Comments
 (0)