13 matches found
Ubuntu: Security Advisory (USN-5847-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2022-2048 nodejs-grunt security update
Grunt is the JavaScript task runner. Why use a task runner? In one word: automation. The less work you have to do when performing repetitive tasks like minification, compilation, unit testing, linting, etc, the easier your job becomes. After you've configured it, a task runner can do most of that...
3d-preview (>=1.0.0 <=1.0.1), 3dviewercomponent (=1.0.0) +2601 more potentially affected by CVE-2020-7729 via grunt (>=0.2.14 <=1.2.1)
grunt NPM version =0.2.14, =1.0.0, =0.0.2, =1.0.1, =1.0.0, =0.0.1, =1.0.0-alpha1, =0.1.0, =0.4.0, =0.0.9, =0.0.6, =0.12.0-edge9, =0.0.5, =0.0.2, =1.0.1 and more Source cves: CVE-2020-7729 Source advisory: OSV:GHSA-M5PJ-VJJF-4M3H...
Ubuntu: Security Advisory (USN-4595-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4595-1: Grunt vulnerability
It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code. CVE-2020-7729...
Ubuntu 18.04 LTS : Grunt vulnerability (USN-4595-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4595-1 advisory. It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code. CVE-2020-7729 Tenable has extracted...
Debian: Security Advisory (DLA-2368-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-7729
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load instead of its secure replacement safeLoad of the package js-yaml inside grunt.file.readYAML...
AZL-44379 CVE-2020-7729 affecting package js-jquery 3.5.0-4
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load instead of its secure replacement safeLoad of the package js-yaml inside grunt.file.readYAML...
DEBIAN-CVE-2020-7729
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load instead of its secure replacement safeLoad of the package js-yaml inside grunt.file.readYAML...
CVE-2020-7729
Summary: CVE-2020-7729 affects the grunt package due to insecure YAML loading via js-yaml in grunt.file.readYAML, allowing arbitrary code execution. The issue is triggered by using load() instead of safeLoad(). The vulnerability is discussed across multiple sources, including npm advisory, Ubuntu...
CVE-2020-7729 Arbitrary Code Execution
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load instead of its secure replacement safeLoad of the package js-yaml inside grunt.file.readYAML...
CVE-2020-7729
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load instead of its secure replacement safeLoad of the package js-yaml inside grunt.file.readYAML...