Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 3 of 3 results

CVE-2022-1537

Medium priority

Some fixes available 3 of 4

file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to...

1 affected packages

grunt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
grunt Not affected Fixed Fixed Fixed Not in release
Show less packages

CVE-2022-0436

High priority

Some fixes available 3 of 4

Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2.

1 affected packages

grunt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
grunt Not affected Fixed Fixed Fixed Not in release
Show less packages

CVE-2020-7729

Medium priority

Some fixes available 2 of 3

The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.

1 affected packages

grunt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
grunt Not affected Not affected Fixed Fixed Not in release
Show less packages