2 matches found
CVE-2020-8131
Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package...
CVE-2020-8131
CVE-2020-8131 describes an arbitrary filesystem write vulnerability in Yarn before 1.22.0 , enabling an attacker to write to arbitrary paths and potentially achieve arbitrary code execution by coercing the user to install a malicious package. Affected component: yarn (versions prior to 1.22.0). R...