yarnpkg was added to epel9 repo on 2022-02-23
Page updated: 2026-02-19 11:33
Repo Status -
Overall Status
Source NVR: yarnpkg-1.22.22-16.el9 (2022-02-23)
| yarnpkg | yarnpkg-1.22.22-16.el9 |
| 2384003 | NEW | CVE-2025-8263 yarnpkg: prettier parseNestedCSS ReDoS [epel-9] |
| 2387018 | NEW | CVE-2025-54798 yarnpkg: tmp Symbolic Link Write Vulnerability [epel-9] |
| 2389965 | NEW | CVE-2025-9287 yarnpkg: Cipher-base hash manipulation [epel-9] |
| 2390004 | NEW | CVE-2025-9288 yarnpkg: Missing type checks leading to hash rewind and passing on crafted data [epel-9] |
| 2390169 | NEW | CVE-2025-9308 yarnpkg: yarnpkg regular expression denial of service [epel-9] |
| 2397970 | NEW | CVE-2025-59343 yarnpkg: tar-fs symlink validation bypass [epel-9] |
| 2422475 | NEW | CVE-2025-64718 yarnpkg: js-yaml prototype pollution in merge [epel-9] |
| 2428364 | NEW | CVE-2025-14505 yarnpkg: Key handling flaws in Elliptic [epel-9] |
| 2437355 | NEW | CVE-2025-68458 yarnpkg: webpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behavior [epel-9] |
| 2437366 | NEW | CVE-2025-68157 yarnpkg: webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects [epel-9] |
| 2439374 | NEW | CVE-2025-69873 yarnpkg: ReDoS via $data reference [epel-9] |
| 2439553 | NEW | CVE-2026-2391 yarnpkg: qs's arrayLimit bypass in comma parsing allows denial of service [epel-9] |