12 matches found
EUVD-2025-113035
Malicious code in grunt-stream-rest-browserify npm...
EUVD-2019-0220
Malware in sbrugna...
EUVD-2019-0275
Malware in sbrugna...
grunt-ccompiler Man-in-the-Middle Attack Vulnerability
grunt-ccompiler is a Grunt plugin for compiling Closure. A security vulnerability exists in grunt-ccompiler that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an...
CVE-2016-10636
grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on...
CVE-2016-10636
** grunt-ccompiler** is a Closure Compiler Grunt Plugin that insecurely downloads executables over HTTP. An attacker with a privileged network position can intercept the response and replace the binary with a malicious one, potentially causing remote code execution on the system running grunt-cco...
CVE-2016-10636
grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on...
CVE-2016-10606
grunt-webdriver-qunit is a grunt plugin to run qunit with webdriver in grunt grunt-webdriver-qunit downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controll...
Remote code execution
grunt-webdriver-qunit is a grunt plugin to run qunit with webdriver in grunt grunt-webdriver-qunit downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controll...
CVE-2016-10606
grunt-webdriver-qunit is a grunt plugin to run qunit with webdriver in grunt grunt-webdriver-qunit downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controll...
Retire.Js - Scanner Detecting The Use Of JavaScript Libraries With Known Vulnerabilities
What you require you must also retire There is a plethora of JavaScript libraries for use on the Web and in Node.JS apps out there. This greatly simplifies development,but we need to stay up-to-date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10...
[Retire.js] Command line Scanner and Chrome plugin
Retire.js is a command line scanner that helps you identify dependencies with known vulnerabilites in your application. Using the provided Grunt plugin you can easily include Retire.js into your build process. Retire.js also provides a chrome extension allowing you to detect libraries while surfi...