CVE-2025-9308 | yarnpkg Yarn up to 1.22.22 request-manager.js setOptions redos (ID 9203)

Inserito da Angelo Barbosa | Ago 21, 2025 | CVE

A vulnerability was found in yarnpkg Yarn up to 1.22.22 and classified as problematic. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2025-9308. Local access is required to approach this attack. No exploit exists.

CVE-2025-9308 | yarnpkg Yarn up to 1.22.22 request-manager.js setOptions redos (ID 9203)

Post correlati

CVE-2024-36656 | MintHCM 4.0.3 cross site scripting

CVE-2024-36587 | DNSCrypt-proxy up to 2.1.5 permission

CVE-2024-52311 | Amazon data.all up to 2.6.0 API Request authorization (GHSA-p69m-h9rw-584v)

CVE-2024-13496 | GamiPress Plugin up to 7.2.1 on WordPress orderby sql injection