logo
DATABASE RESOURCES PRICING ABOUT US

Unauthorized File Access

Description

yarn is vulnerable to unauthorized file overwrite. The vulnerability exists as it was possible to create symlinks to files, using the value of bin, to access files out of the node_modules folder.


Affected Software


CPE Name Name Version
yarn 1.21.0
yarn 0.15.1
yarn 1.13.0
yarn 0.23.2

Related