grunt-cli
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | The grunt command line interface. |
| Version | 1.4.3-2 [extra] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2827 | 1.5.2-1 | 1.5.3-1 | Unknown | Unknown |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2022-1537 | AVG-2827 | Unknown | Unknown | Unknown | file.copy operations in GruntJS are vulnerable to a TOC-TOU race condition leading to arbitrary file write when an attacker can create a symlink just after... |
| CVE-2022-0436 | AVG-2827 | Unknown | Unknown | Unknown | file.copy operations in GruntJS are not protected against symlink traversal for both source and destination directories |