Description
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.
Remediation
References
https://github.com/gruntjs/grunt/blob/master/lib/grunt/file.js%23L249
https://github.com/gruntjs/grunt/commit/e350cea1724eb3476464561a380fb6a64e61e4e7
https://lists.debian.org/debian-lts-announce/2020/09/msg00008.html
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-607922
https://snyk.io/vuln/SNYK-JS-GRUNT-597546
https://usn.ubuntu.com/4595-1/
Related Vulnerabilities
CVE-2020-25020 Vulnerability in maven package net.sf.mpxj:mpxj
CVE-2018-20433 Vulnerability in maven package c3p0:c3p0
CVE-2020-5258 Vulnerability in maven package org.webjars.npm:dojo
CVE-2023-26126 Vulnerability in npm package m.static
CVE-2023-50730 Vulnerability in maven package edu.gemini:gsp-graphql-core_2.13