grunt is vulnerable to a time-of-check to time-of-use (TOCTOU) race condition. The vulnerability exists in the file.copy function in file.js because permissions are not properly handled in both the source and destination directories, which allows an attacker to access and write arbitrary files.
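The following is an added example, not grunt's code or its fix: a Node.js copy routine that ties its checks to open file descriptors rather than path names, shown next to the racy check-then-use pattern it replaces. The names safeCopy and demo are hypothetical, the sample files are constructed, and a POSIX system with O_NOFOLLOW is assumed.

```javascript
// Added example, not grunt's code. safeCopy and demo are hypothetical names.
// Assumes a POSIX system where fs.constants.O_NOFOLLOW is defined.
const fs = require('fs');
const os = require('os');
const path = require('path');
// Racy pattern for comparison: the path is checked, then reopened by name.
//   if (!fs.lstatSync(src).isSymbolicLink()) {      // time of check
//     fs.writeFileSync(dest, fs.readFileSync(src)); // time of use
//   }
function safeCopy(src, dest) {
  const { O_RDONLY, O_WRONLY, O_CREAT, O_EXCL, O_NOFOLLOW } = fs.constants;
  let inFd, outFd;
  try {
    // O_NOFOLLOW makes open() fail if the final path component is a symlink.
    inFd = fs.openSync(src, O_RDONLY | O_NOFOLLOW);
    // fstat inspects the object actually opened, not what the path names now.
    if (!fs.fstatSync(inFd).isFile()) throw new Error('source is not a regular file');
    // O_CREAT | O_EXCL refuses any existing entry, including a planted symlink.
    outFd = fs.openSync(dest, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0o600);
    const buf = Buffer.alloc(64 * 1024);
    let n, total = 0;
    while ((n = fs.readSync(inFd, buf, 0, buf.length, null)) > 0) {
      fs.writeSync(outFd, buf, 0, n);
      total += n;
    }
    return total;
  } finally {
    if (inFd !== undefined) fs.closeSync(inFd);
    if (outFd !== undefined) fs.closeSync(outFd);
  }
}

// Constructed demo: a regular file copies; a symlinked source or destination is refused.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'toctou-'));
  const p = (name) => path.join(dir, name);
  fs.writeFileSync(p('a.txt'), 'hello');
  fs.writeFileSync(p('victim'), 'keep');
  fs.symlinkSync(p('victim'), p('link'));
  const refused = (fn) => { try { fn(); return false; } catch (e) { return true; } };
  const result = {
    copied: safeCopy(p('a.txt'), p('b.txt')),
    srcLinkRefused: refused(() => safeCopy(p('link'), p('c.txt'))),
    destLinkRefused: refused(() => safeCopy(p('a.txt'), p('link'))),
    victim: fs.readFileSync(p('victim'), 'utf8'),
  };
  fs.rmSync(dir, { recursive: true, force: true });
  return result;
}
```

O_NOFOLLOW only covers the final path component, so a build process should still not copy into or out of directories that a less-privileged user can write to.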
github.com/advisories/GHSA-rm36-94g8-835r
github.com/gruntjs/grunt/blob/main/lib/grunt/file.js#L297L300
github.com/gruntjs/grunt/commit/58016ffac5ed9338b63ecc2a63710f5027362bae
github.com/gruntjs/grunt/pull/1745
huntr.dev/bounties/0179c3e5-bc02-4fc9-8491-a1a319b51b4d
lists.debian.org/debian-lts-announce/2023/04/msg00006.html