Lucene search
K

41 matches found

Chainguard
Chainguard
added 2026/06/17 8:24 p.m.9 views

CVE-2021-4435 vulnerabilities

Vulnerabilities for packages: yarn...

7.8CVSS7.2AI score0.00301EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/17 8:24 p.m.13 views

CVE-2019-5448 vulnerabilities

Vulnerabilities for packages: yarn...

8.1CVSS7.7AI score0.00668EPSS
Exploits1
Chainguard
Chainguard
added 2026/06/17 8:24 p.m.8 views

GHSA-MPWJ-FCR6-X34C vulnerabilities

Vulnerabilities for packages: yarn...

5.2AI score
Exploits0
Wolfi
Wolfi
added 2026/06/17 8:23 p.m.6 views

GHSA-HJXC-462X-X77J vulnerabilities

Vulnerabilities for packages: yarn...

5.2AI score
Exploits0
Wolfi
Wolfi
added 2026/06/17 8:23 p.m.7 views

CVE-2019-15608 vulnerabilities

Vulnerabilities for packages: yarn...

5.9CVSS6.6AI score0.01783EPSS
Exploits1
Wolfi
Wolfi
added 2026/06/17 8:23 p.m.7 views

GHSA-WQFC-CR59-H64P vulnerabilities

Vulnerabilities for packages: yarn...

5.2AI score
Exploits0
Fedora
Fedora
added 2026/04/25 1:53 a.m.16 views

[SECURITY] Fedora 44 Update: yarnpkg-1.22.22-18.fc44

Fast, reliable, and secure dependency management...

9.8CVSS5.3AI score0.01735EPSS
Exploits0
Fedora
Fedora
added 2026/04/12 3:53 p.m.6 views

[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-18.fc42

Fast, reliable, and secure dependency management...

9.8CVSS5.8AI score0.01735EPSS
Exploits0
Fedora
Fedora
added 2026/04/12 3:37 p.m.4 views

[SECURITY] Fedora 43 Update: yarnpkg-1.22.22-18.fc43

Fast, reliable, and secure dependency management...

9.8CVSS6AI score0.01735EPSS
Exploits0
Fedora
Fedora
added 2026/03/17 2:12 a.m.5 views

[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-17.fc42

Fast, reliable, and secure dependency management...

5.3CVSS6.2AI score0.00378EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

Fedora 43 : yarnpkg (2026-a75abb3f2b)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a75abb3f2b advisory. Regenerate vendor tarball. Fixes CVE-2025-13465. Tenable has extracted the preceding description block directly from the Fedora security advisory...

8.2CVSS6AI score0.01535EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.2 views

Fedora 43 : yarnpkg (2025-de6cf573f0)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-de6cf573f0 advisory. Fix CVE-2205-64756. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

7.5CVSS6.5AI score0.03026EPSS
Exploits1References3
Fedora
Fedora
added 2025/10/25 9:15 p.m.6 views

[SECURITY] Fedora 43 Update: yarnpkg-1.22.22-12.fc43

Fast, reliable, and secure dependency management...

8.7CVSS7AI score0.00516EPSS
Exploits0
Fedora
Fedora
added 2025/10/09 12:51 a.m.5 views

[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-12.fc42

Fast, reliable, and secure dependency management...

8.7CVSS7AI score0.00516EPSS
Exploits0
NVD
NVD
added 2025/08/21 4:15 p.m.5 views

CVE-2025-9308

A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects...

5.5CVSS0.00188EPSS
Exploits1References4
Snyk
Snyk
added 2025/08/21 4:2 p.m.2 views

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:yarn is a package for dependency management. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the setOptions function in the src/util/request-manager.js file. An attacker can cause resource exhaustion by supplying crafted...

5.5CVSS6.8AI score0.00188EPSS
Exploits1References2
Snyk
Snyk
added 2025/08/21 4:2 p.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview yarn is a package for dependency management. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the setOptions function in the src/util/request-manager.js file. An attacker can cause resource exhaustion by supplying crafted input that...

5.5CVSS4.4AI score0.00188EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.5 views

PT-2025-34246 · Yarnpkg +2 · Yarnpkg +2

Name of the Vulnerable Software and Affected Versions: yarnpkg Yarn versions up to 1.22.22 Description: A vulnerability exists in Yarn Package Manager due to inefficient regular expression complexity within the setOptions function located in the src/util/request-manager.js file. Local access is...

4.8CVSS3.5AI score0.00188EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-8262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file...

7.5CVSS4.9AI score0.007EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in yarn_z3iz0_wfi9x_iris (npm)

The package yarnz3iz0wfi9xiris was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder