Security vulnerability affects the pulumi-language-yaml package. This issue is resolved in later releases. See references for vulnerability details.