js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11_SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem() to perform a linear duplicate-key scan on every insertion, causing O(n^2) CPU consumption when yaml.load() parses a crafted ordered-map document. This issue is fixed in version 5.2.1.
Metrics
Affected Vendors & Products
References
History
Wed, 08 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Nodeca
Nodeca js-yaml |
|
| Vendors & Products |
Nodeca
Nodeca js-yaml |
|
| Metrics |
ssvc
|
Wed, 08 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11_SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem() to perform a linear duplicate-key scan on every insertion, causing O(n^2) CPU consumption when yaml.load() parses a crafted ordered-map document. This issue is fixed in version 5.2.1. | |
| Title | js-yaml quadratic-complexity denial of service via YAML11_SCHEMA !!omap parsing | |
| Weaknesses | CWE-407 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-08T15:50:55.378Z
Reserved: 2026-07-07T15:41:53.607Z
Link: CVE-2026-59870
Updated: 2026-07-08T15:50:49.707Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T17:15:02Z