file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root.
Release Notes
gruntjs/grunt
### [`v1.5.3`](https://togithub.com/gruntjs/grunt/releases/tag/v1.5.3)
[Compare Source](https://togithub.com/gruntjs/grunt/compare/v1.5.2...v1.5.3)
- Merge pull request [#1745](https://togithub.com/gruntjs/grunt/issues/1745) from gruntjs/fix-copy-op [`572d79b`](https://togithub.com/gruntjs/grunt/commit/572d79b)
- Patch up race condition in symlink copying. [`58016ff`](https://togithub.com/gruntjs/grunt/commit/58016ff)
- Merge pull request [#1746](https://togithub.com/gruntjs/grunt/issues/1746) from JamieSlome/patch-1 [`0749e1d`](https://togithub.com/gruntjs/grunt/commit/0749e1d)
- Create SECURITY.md [`69b7c50`](https://togithub.com/gruntjs/grunt/commit/69b7c50)
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
1.5.2->1.5.3GitHub Vulnerability Alerts
CVE-2022-1537
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root.
Release Notes
gruntjs/grunt
### [`v1.5.3`](https://togithub.com/gruntjs/grunt/releases/tag/v1.5.3) [Compare Source](https://togithub.com/gruntjs/grunt/compare/v1.5.2...v1.5.3) - Merge pull request [#1745](https://togithub.com/gruntjs/grunt/issues/1745) from gruntjs/fix-copy-op [`572d79b`](https://togithub.com/gruntjs/grunt/commit/572d79b) - Patch up race condition in symlink copying. [`58016ff`](https://togithub.com/gruntjs/grunt/commit/58016ff) - Merge pull request [#1746](https://togithub.com/gruntjs/grunt/issues/1746) from JamieSlome/patch-1 [`0749e1d`](https://togithub.com/gruntjs/grunt/commit/0749e1d) - Create SECURITY.md [`69b7c50`](https://togithub.com/gruntjs/grunt/commit/69b7c50)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.