yarnpkg was added to epel8 repo on 2023-01-13
Page updated: 2025-08-29 19:01
Repo Status -
Overall Status
Source NVR: yarnpkg-1.22.22-9.el8 (2023-01-13)
| yarnpkg | yarnpkg-1.22.22-9.el8 |
| 2222350 | NEW | CVE-2022-38900 yarnpkg: decode-uri-component: improper input validation resulting in DoS [epel-8] |
| 2293212 | NEW | CVE-2024-28863 yarnpkg: node-tar: denial of service while parsing a tar file due to lack of folders depth validation [epel-8] |
| 2311376 | NEW | CVE-2024-43796 yarnpkg: Improper Input Handling in Express Redirects [epel-8] |
| 2382003 | NEW | CVE-2025-7783 yarnpkg: Unsafe random function in form-data [epel-8] |
| 2383878 | NEW | CVE-2025-8262 yarnpkg: Yarn Regex Complexity Vulnerability [epel-8] |
| 2384001 | NEW | CVE-2025-8263 yarnpkg: prettier parseNestedCSS ReDoS [epel-8] |
| 2387013 | NEW | CVE-2025-54798 yarnpkg: tmp Symbolic Link Write Vulnerability [epel-8] |
| 2389962 | NEW | CVE-2025-9287 yarnpkg: Cipher-base hash manipulation [epel-8] |
| 2390001 | NEW | CVE-2025-9288 yarnpkg: Missing type checks leading to hash rewind and passing on crafted data [epel-8] |
| 2390168 | NEW | CVE-2025-9308 yarnpkg: yarnpkg regular expression denial of service [epel-8] |