Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2022-0436 - log back

CVE-2022-0436 edited at 19 Feb 2023 17:11:12

Description

+	file.copy operations in GruntJS are not protected against symlink traversal for both source and destination directories

References

+	https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b/
+	https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665
+	https://github.com/gruntjs/grunt/commit/433f91b78df99d83daa6f56a5505ead743627c30

Notes

CVE-2022-0436 created at 19 Feb 2023 17:08:44