Information on source package node-yarnpkg

Available versions

ReleaseVersion
buster1.13.0-1+deb10u1
bullseye1.22.4-2
sid1.22.4-2

Open issues

BugbusterbullseyesidDescription
CVE-2020-8131vulnerablefixedfixedArbitrary filesystem write vulnerability in Yarn before 1.22.0 allows ...
CVE-2019-15608vulnerablefixedfixedThe package integrity validation in yarn < 1.19.0 contains a TOCTOU ...
CVE-2019-10773vulnerablefixedfixedIn Yarn before 1.21.1, the package install functionality can be abused ...

Resolved issues

BugDescription
CVE-2019-5448Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Da ...

Search for package or bug name: Reporting problems