AVG-2827 log
| Package | grunt-cli |
| Status | Unknown |
| Severity | Unknown |
| Type | unknown |
| Affected | 1.5.2-1 |
| Fixed | 1.5.3-1 |
| Current | 1.4.3-3 [extra] |
| Ticket | None |
| Created | Sun Feb 19 17:08:44 2023 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2022-1537 | Unknown | Unknown | Unknown | file.copy operations in GruntJS are vulnerable to a TOC-TOU race condition leading to arbitrary file write when an attacker can create a symlink just after... |
| CVE-2022-0436 | Unknown | Unknown | Unknown | file.copy operations in GruntJS are not protected against symlink traversal for both source and destination directories |