The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.
References
Link | Resource |
---|---|
https://snyk.io/vuln/SNYK-JS-GRUNT-597546 | Exploit Third Party Advisory |
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-607922 | Third Party Advisory |
https://github.com/gruntjs/grunt/blob/master/lib/grunt/file.js%23L249 | Broken Link |
https://github.com/gruntjs/grunt/commit/e350cea1724eb3476464561a380fb6a64e61e4e7 | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/09/msg00008.html | Mailing List Third Party Advisory |
https://usn.ubuntu.com/4595-1/ | Third Party Advisory |
Information
Published : 2020-09-03 02:15
Updated : 2022-11-16 06:05
NVD link : CVE-2020-7729
Mitre link : CVE-2020-7729
JSON object : View
CWE
CWE-1188
Insecure Default Initialization of Resource
Products Affected
debian
- debian_linux
canonical
- ubuntu_linux
gruntjs
- grunt