Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-64718

CVE-2025-64718: Nodeca Js-yaml Prototype Pollution Flaw

CVE-2025-64718 is a prototype pollution vulnerability in Nodeca Js-yaml that allows attackers to modify object prototypes through untrusted YAML documents. This article covers technical details, affected versions, and mitigation.

Published:

CVE-2025-64718 Overview

CVE-2025-64718 is a prototype pollution vulnerability [CWE-1321] in js-yaml, a widely used JavaScript YAML parser and dumper maintained by nodeca. The flaw affects versions before 4.1.1 and 3.14.2. An attacker who supplies a crafted YAML document to an application that parses untrusted input can modify the prototype of the resulting parsed object using the __proto__ key. The issue is triggered through the YAML merge key (<<) handling in the loader. Any application that calls js-yaml parsing functions on attacker-controlled YAML may be affected. The maintainers shipped patches in js-yaml 4.1.1 and 3.14.2.

Critical Impact

Untrusted YAML input can pollute the JavaScript object prototype chain, enabling integrity attacks against application logic that relies on object property defaults.

Affected Products

  • nodeca js-yaml versions prior to 4.1.1
  • nodeca js-yaml versions prior to 3.14.2
  • Node.js applications that parse untrusted YAML using vulnerable js-yaml releases

Discovery Timeline

  • 2025-11-13 - CVE-2025-64718 published to NVD
  • 2026-02-02 - Last updated in NVD database

Technical Details for CVE-2025-64718

Vulnerability Analysis

The vulnerability resides in the js-yaml loader, specifically in how merge key (<<) operations assign properties to the resulting JavaScript object. When the parser encounters a key named __proto__ during merge handling, it performs a direct property assignment. In JavaScript, assigning to __proto__ on a plain object mutates the object's prototype chain rather than creating an own property. Attackers can therefore inject properties onto Object.prototype, which are then inherited by every plain object in the process.

The vulnerability is categorized as Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) per [CWE-1321]. Impact is limited to integrity, with no direct confidentiality or availability consequences from the parser itself. Downstream effects depend on how the host application consumes parsed objects, and can include authorization bypass, logic tampering, or chained gadget exploitation leading to code execution. The EPSS estimate for this CVE is 0.034%.

Root Cause

The loader's merge handler used a plain property assignment (object[key] = value) without filtering or safely defining the __proto__ key. This allowed a YAML key of __proto__ to walk the prototype chain instead of being stored as a normal property on the result object.

Attack Vector

The attack vector is network-reachable wherever YAML is parsed from untrusted sources, such as API request bodies, configuration files uploaded by users, webhook payloads, or third-party feeds. No authentication or user interaction is required against the vulnerable parser. The attacker submits a YAML document containing a merge entry that sets __proto__ to an attacker-controlled mapping, and the parser pollutes the global prototype.

javascript
// Patch from lib/loader.js - fix prototype pollution in merge (<<)
// Source: https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879

// set a property of a literal object, while protecting against prototype pollution,
// see https://github.com/nodeca/js-yaml/issues/164 for more details
function setProperty(object, key, value) {
  // used for this specific key only because Object.defineProperty is slow
  if (key === '__proto__') {
    Object.defineProperty(object, key, {
      configurable: true,
      enumerable: true,
      writable: true,
      value,
    });
  } else {
    object[key] = value;
  }
}

The fix replaces direct assignment with Object.defineProperty when the key is __proto__, ensuring the value becomes an own data property on the target object instead of mutating the prototype.

Detection Methods for CVE-2025-64718

Indicators of Compromise

  • YAML payloads received by the application containing the literal key __proto__ under a merge (<<) construct.
  • Runtime appearance of unexpected properties on Object.prototype after YAML parsing operations.
  • Application errors or anomalous control flow following ingestion of YAML from untrusted sources, especially around default-value lookups.

Detection Strategies

  • Inventory all direct and transitive dependencies on js-yaml and flag versions below 4.1.1 (4.x line) and 3.14.2 (3.x line) using npm ls js-yaml or SCA tooling.
  • Add request-layer inspection for YAML bodies that include __proto__, constructor, or prototype keys, and log or block them at the API gateway.
  • Instrument staging environments to detect mutations on Object.prototype during fuzz testing of YAML-handling endpoints.

Monitoring Recommendations

  • Track Node.js process logs for unexpected TypeError or undefined is not a function exceptions originating from code paths that consume parsed YAML.
  • Monitor outbound dependency advisories for GHSA-mh29-5h37-fv8m and correlate against your build pipeline.
  • Alert on YAML ingestion endpoints that exhibit elevated 4xx/5xx rates after deploys, which can indicate exploitation attempts.

How to Mitigate CVE-2025-64718

Immediate Actions Required

  • Upgrade js-yaml to 4.1.1 or 3.14.2, depending on which major line your application uses.
  • Run npm audit fix or the equivalent in yarn/pnpm to resolve transitive copies pinned by other packages.
  • Rebuild and redeploy container images and serverless artifacts that bundle vulnerable js-yaml versions.

Patch Information

The maintainers fixed the issue in commits 383665f and 5278870, released in js-yaml 4.1.1 and 3.14.2. Details are published in the GitHub Security Advisory GHSA-mh29-5h37-fv8m and the corresponding GitHub Advisory database entry.

Workarounds

  • Run Node.js with the node --disable-proto=delete flag to remove the __proto__ setter at the runtime level.
  • Use Deno as the runtime where feasible, as Deno enables prototype pollution protection by default.
  • Validate and reject untrusted YAML containing reserved keys such as __proto__, constructor, or prototype before passing data to the parser.
bash
# Configuration example - run Node.js with prototype pollution protections
node --disable-proto=delete app.js

# Upgrade js-yaml to a patched release
npm install js-yaml@^4.1.1
# or for the 3.x line
npm install js-yaml@^3.14.2

# Verify resolved versions across the dependency tree
npm ls js-yaml

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.