| Release | Version |
|---|---|
| buster | 1.13.0-1+deb10u1 |
| bullseye | 1.19.1-1 |
| sid | 1.21.1-1 |
| Bug | buster | bullseye | sid | Description |
|---|---|---|---|---|
| CVE-2019-10773 | vulnerable | vulnerable | fixed | In Yarn before 1.21.1, the package install functionality can be abused ... |
| Bug | Description |
|---|---|
| CVE-2019-5448 | Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Da ... |