all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-5847-1: Grunt vulnerabilities

Add to bookmarks
Feb. 7, 2023, 6:56 p.m. |

Ubuntu security notices ubuntu.com

It was discovered that Grunt was not properly loading YAML files before
parsing them. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2020-7729)

It was discovered that Grunt was not properly handling symbolic links
when performing file copy operations. An attacker could possibly use this
issue to expose sensitive information or execute arbitrary code.
(CVE-2022-0436)

It was discovered that there was a race condition in the Grunt file copy
function, which could lead to an arbitrary file …

code copy cve file files function handling information issue links operations parsing performing race condition sensitive information usn vulnerabilities yaml

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6736-1: klibc vulnerabilities 7 hours ago | ubuntu.com
arbitrary code attacker code crash +8
USN-6735-1: Node.js vulnerabilities 7 hours ago | ubuntu.com
attacker automated certificate cve +16
USN-6734-1: libvirt vulnerabilities 1 day, 2 hours ago | ubuntu.com
api attacker crash cve +8
USN-6733-1: GnuTLS vulnerabilities 1 day, 2 hours ago | ubuntu.com
attacker channel crash cve +16
USN-6732-1: WebKitGTK vulnerabilities 1 day, 2 hours ago | ubuntu.com
arbitrary code arbitrary code execution attacker attacks +21
USN-6731-1: YARD vulnerabilities 1 day, 8 hours ago | ubuntu.com
access arbitrary files attackers attacks +19
USN-6730-1: Apache Maven Shared Utils vulnerability 4 days, 20 hours ago | ubuntu.com
apache arbitrary code attacker attacks +9
USN-6727-2: NSS regression 5 days ago | ubuntu.com
advisory attacker certificates fixes +14
USN-6729-1: Apache HTTP Server vulnerabilities 5 days, 2 hours ago | ubuntu.com
apache attacker attacks chen +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Senior Cybersecurity Technical Delivery Manager

@ MUFG | London Ropemaker place
View on infosec-jobs.com

Junior consultant-Technology Risk

@ EY | Bratislava, SK, 811 02
View on infosec-jobs.com

Director of Security Engineering, Information Security

@ Illumio | Sunnyvale, California
View on infosec-jobs.com

Cyber Analyst II 03396 NWG

@ North Wind Group | KNOXVILLE, TN
View on infosec-jobs.com

CRIT Information Security Officer (f/m/d)

@ Deutsche Börse | Frankfurt am Main, DE
View on infosec-jobs.com
View more jobs