Skip to content

[fix] Update js-yaml to 4.3.0 (CVE-2026-53550)#190

Merged
kobsy merged 1 commit into
mainfrom
june_js-yaml_cves
Jun 29, 2026
Merged

[fix] Update js-yaml to 4.3.0 (CVE-2026-53550)#190
kobsy merged 1 commit into
mainfrom
june_js-yaml_cves

Conversation

@MatthewJamisonJS

Copy link
Copy Markdown
Member

Bumps js-yaml from 4.1.1 to 4.3.0 to resolve a prototype-pollution / parsing vulnerability. Why: CVE-2026-53550.

@MatthewJamisonJS MatthewJamisonJS requested a review from a team June 29, 2026 16:48
@MatthewJamisonJS MatthewJamisonJS added review-needed dependencies Pull requests that update a dependency file alert cve labels Jun 29, 2026
@kobsy kobsy merged commit b41315e into main Jun 29, 2026
1 of 6 checks passed
@kobsy kobsy deleted the june_js-yaml_cves branch June 29, 2026 17:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

alert cve dependencies Pull requests that update a dependency file review-pass

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants