grunt-cli

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description The grunt command line interface.
Version 1.4.3-3 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-2827 1.5.2-1 1.5.3-1 Unknown Unknown
Issue Group Severity Remote Type Description
CVE-2022-1537 AVG-2827 Unknown Unknown Unknown
file.copy operations in GruntJS are vulnerable to a TOC-TOU race condition leading to arbitrary file write when an attacker can create a symlink just after...
CVE-2022-0436 AVG-2827 Unknown Unknown Unknown
file.copy operations in GruntJS are not protected against symlink traversal for both source and destination directories