Ubuntu Security Update USN-5847-1: Grunt vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,952
Reaction score
80
Credits
-1,257
It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-7729) It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. (CVE-2022-0436) It was discovered that there was a race condition in the Grunt file copy function, which could lead to an arbitrary file write. An attacker could possibly use this issue to perform a local privilege escalation attack or to execute arbitrary code. (CVE-2022-1537)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8294-1: PostgreSQL vulnerabilities
Replies
0
Views
134
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8246-1: Vim vulnerabilities
Replies
0
Views
138
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8302-1: NLTK vulnerabilities
Replies
0
Views
96
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8304-1: Vim vulnerabilities
Replies
0
Views
136
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8235-1: ITK vulnerabilities
Replies
0
Views
69
LinuxBot
LinuxBot


Follow Linux.org

Members online

Total: 2,208 (members: 3, guests: 2,205)

Latest posts

Top