HIGH 8.1 npm
GHSA-wqfc-cr59-h64p · CVE-2019-5448 Missing Encryption of Sensitive Data in yarn
Modified: 6/17/2026
package
npm / yarn
pkg:npm/yarn
HIGH 7.8 npm
GHSA-5xf4-f2fq-f69j · CVE-2019-10773 Yarn Improper link resolution before file access (Link Following)
Modified: 6/17/2026
HIGH 7.5 npm
GHSA-8mfc-v7wv-p62g · CVE-2020-8131 Path Traversal in Yarn
Modified: 11/8/2023
MEDIUM 5.9 npm
GHSA-hjxc-462x-x77j · CVE-2019-15608 TOCTOU Race Condition in Yarn
Modified: 6/17/2026
HIGH 7.7 npm
GHSA-mpwj-fcr6-x34c · CVE-2021-4435 Yarn untrusted search path vulnerability
Modified: 6/17/2026