Description
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.
Remediation
References
https://snyk.io/vuln/SNYK-JS-GRUNT-597546
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-607922
https://github.com/gruntjs/grunt/blob/master/lib/grunt/file.js%23L249
https://github.com/gruntjs/grunt/commit/e350cea1724eb3476464561a380fb6a64e61e4e7
https://lists.debian.org/debian-lts-announce/2020/09/msg00008.html
https://usn.ubuntu.com/4595-1/
Related Vulnerabilities
CVE-2022-28220 Vulnerability in maven package org.apache.james:james-server-protocols-managesieve
CVE-2019-10746 Vulnerability in npm package mixin-deep
CVE-2020-7710 Vulnerability in npm package safe-eval
CVE-2020-7674 Vulnerability in npm package access-policy
CVE-2023-34602 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base-core