CVE-2020-8131

Published: 2020-02-24T15:15Z

Last Modified: 2024-11-21T05:38Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt