Arbitrary filesystem write vulnerability in Yarn prior to 1.22.0 allows malicious users to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yarnpkg yarn |