From 9586ebe23298427d26b3479979bd6499bf3a14c2 Mon Sep 17 00:00:00 2001
From: Alex Kocharin <alex@kocharin.ru>
Date: Mon, 7 Dec 2020 16:15:02 +0300
Subject: [PATCH] Avoid calling hasOwnProperty of user-controlled objects

---
 CHANGELOG.md          | 5 +++++
 lib/js-yaml/loader.js | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b3513578..979e0fd4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+## [3.14.1] - 2020-12-07
+### Security
+- Fix possible code execution in (already unsafe) `.load()` (in &anchor).
+
+
 ## [3.14.0] - 2020-05-22
 ### Changed
 - Support `safe/loadAll(input, options)` variant of call.
diff --git a/lib/js-yaml/loader.js b/lib/js-yaml/loader.js
index ef01386b..d7484a59 100644
--- a/lib/js-yaml/loader.js
+++ b/lib/js-yaml/loader.js
@@ -1272,7 +1272,7 @@ function readAlias(state) {
 
   alias = state.input.slice(_position, state.position);
 
-  if (!state.anchorMap.hasOwnProperty(alias)) {
+  if (!_hasOwnProperty.call(state.anchorMap, alias)) {
     throwError(state, 'unidentified alias "' + alias + '"');
   }