📦🐈 Fast, reliable, and secure dependency management.
latest non vulnerable version
11 years ago
latest version published
4 months ago
Known vulnerabilities in the yarn package. This does not include vulnerabilities belonging to this package’s dependencies.Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
yarn is a package for dependency management.
Affected versions of this package are vulnerable to Arbitrary File Overwrite. It is possible for a malicious package, upon install, to write to any path on the filesystem even when the
How to fix Arbitrary File Overwrite?