Grunt Security Vulnerabilities and Issues — Grunt CVE List

Lucene search

GruntjsGrunt

3 matches found

CVE•added 2022/05/10 2:15 p.m.•96 views

CVE-2022-1537

file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged ...

7.8CVSS7AI score0.00182EPSS

CVE•added 2022/04/12 9:15 p.m.•88 views

CVE-2022-0436

Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2.

7.1CVSS5.5AI score0.00109EPSS

CVE•added 2020/09/03 9:15 a.m.•76 views

CVE-2020-7729

The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.

7.1CVSS6.9AI score0.02832EPSS