CVE-2021-4435

Publication date

2024-02-04 19:16:35

Family

fedora

State

PUBLISHED

Description

An untrusted search path vulnerability was found in Yarn. When a victim runs certain Yarn commands in a directory with attacker-controlled content, malicious commands could be executed in unexpected ways.