[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-17.fc42

Fast, reliable, and secure dependency management...

[SECURITY] Fedora 43 Update: yarnpkg-1.22.22-12.fc43

Fast, reliable, and secure dependency management...

CVE-2025-9308

A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects...

PT-2025-34246 · Yarnpkg +2 · Yarnpkg +2

Name of the Vulnerable Software and Affected Versions: yarnpkg Yarn versions up to 1.22.22 Description: A vulnerability exists in Yarn Package Manager due to inefficient regular expression complexity within the setOptions function located in the src/util/request-manager.js file. Local access is...

[SECURITY] Fedora 41 Update: yarnpkg-1.22.22-11.fc41

Fast, reliable, and secure dependency management...

Yarn Package Manager Tampering Vulnerability

Yarn Package Manager is a package manager. A security vulnerability exists in Yarn Package Manager, which stems from the program not performing any form of certificate locking and trust management. The vulnerability can be exploited to execute code by replacing the original installation package...