CVE-2022-1537 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Unknown
Remote	Unknown
Type	Unknown
Description	file.copy operations in GruntJS are vulnerable to a TOC-TOU race condition leading to arbitrary file write when an attacker can create a symlink just after deletion of the dest symlink

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2827	grunt-cli	1.5.2-1	1.5.3-1	Unknown	Unknown

References
https://huntr.dev/bounties/0179c3e5-bc02-4fc9-8491-a1a319b51b4d/ https://www.github.com/gruntjs/grunt/commit/58016ffac5ed9338b63ecc2a63710f5027362bae