Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in...
9.8CVSS
9.4AI Score
0.003EPSS
This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a proto...
7.8CVSS
7.5AI Score
0.0005EPSS
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged....
7CVSS
6.9AI Score
0.0004EPSS
5.5CVSS
5.5AI Score
0.0004EPSS
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside...
7.1CVSS
6.8AI Score
0.009EPSS
grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is...
8.1CVSS
8.2AI Score
0.002EPSS
grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on....
8.1CVSS
8.3AI Score
0.002EPSS
grunt-webdriver-qunit is a grunt plugin to run qunit with webdriver in grunt grunt-webdriver-qunit downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker...
8.1CVSS
8.3AI Score
0.002EPSS
A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In module versions < 0.9.1 the auth portion of the url is outputted as part of the grunt tasks logging function. If this output is publicly....
8.6CVSS
8.3AI Score
0.002EPSS