CVE-2022-0436 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Unknown
Remote	Unknown
Type	Unknown
Description	file.copy operations in GruntJS are not protected against symlink traversal for both source and destination directories

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2827	grunt-cli	1.5.2-1	1.5.3-1	Unknown	Unknown

References
https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b/ https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665 https://github.com/gruntjs/grunt/commit/433f91b78df99d83daa6f56a5505ead743627c30

References

https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b/
https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665
https://github.com/gruntjs/grunt/commit/433f91b78df99d83daa6f56a5505ead743627c30