Describe the bug
We are seeing findings for CVE-2025-64718 and hoping there is a way to update to JS-YAML 4.1.1 in the dependency chain.
To Reproduce
Scan with a CVE scanner like Snyk.
Actual behavior
A clear and concise description of what happens.
Expected behavior
No finding of CVE-2025-64718 in OpenAPI-Explorer - which depends on this package.
Examples and context
Describe the bug
We are seeing findings for CVE-2025-64718 and hoping there is a way to update to JS-YAML 4.1.1 in the dependency chain.
To Reproduce
Scan with a CVE scanner like Snyk.
Actual behavior
A clear and concise description of what happens.
Expected behavior
No finding of CVE-2025-64718 in OpenAPI-Explorer - which depends on this package.
Examples and context