Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gruntjs grunt vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2022-1537
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt before 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a ...
Gruntjs Grunt
2 Github repositories
2.1
CVSSv2
CVE-2022-0436
Path Traversal in GitHub repository gruntjs/grunt before 1.5.2.
Gruntjs Grunt
2 Github repositories
4.6
CVSSv2
CVE-2020-7729
The package grunt prior to 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.
Gruntjs Grunt
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started