Showing 1 - 1 of 1

CVE-2020-7729

Status Candidate

Overview

The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.

Related Files

Ubuntu Security Notice USN-4595-1: Posted Oct 21, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4595-1 - It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2020-7729; MD5 | e1ac33c4930fe12fca5c85c0a9fb888a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 100 files
malvuln 57 files
Ubuntu 51 files
Google Security Research 14 files
Erik David Martin 9 files
Apple 5 files
Jeenali Kothari 5 files
Tim Willis 4 files
Ismael Nava 4 files
Soham Bakore 4 files

File Archives

Systems

AIX (421)
Apple (1,774)
BSD (368)
Cisco (1,902)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,040)
HPUX (873)
iOS (284)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,469)
Mac OS X (673)
Mandriva (3,105)
NetBSD (255)
OpenBSD (472)
RedHat (9,697)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,138)
UNIX (8,848)
UnixWare (180)
Windows (5,818)
Other

CVE-2020-7729

Overview

Related Files

File Archive:

March 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems