stable

yarnpkg-1.22.19-5.el9

FEDORA-EPEL-2023-f04011e9d4 created by carlwgeorge a year ago for Fedora EPEL 9

Add patches to fix CVE-2022-38900, CVE-2021-43138, CVE-2022-3517, and CVE-2020-7677.

This update has been submitted for testing by carlwgeorge.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
approved
a year ago
Builds
1
yarnpkg-1.22.19-5.el9
BZ#2170651 CVE-2022-38900 yarnpkg: decode-uri-component: improper input validation resulting in DoS [epel-all]
0
0
BZ#2212560 CVE-2021-43138 yarnpkg: async: Prototype Pollution in async [epel-all]
0
0
BZ#2212561 CVE-2022-3517 yarnpkg: nodejs-minimatch: ReDoS via the braceExpand function [epel-all]
0
0
BZ#2212563 CVE-2020-7677 yarnpkg: thenify: Arbitrary Code Execution in thenify [epel-all]
0
0
yarnpkg-1.22.19-5.el9

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-zsrqc.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy