CVE-2022-1537
HIGH7.0EPSS 0.25%Race Condition in Grunt
Published: 5/11/2022Modified: 4/28/2026
Description
file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root.
Affected packages (3)
- Debian/gruntfrom 0, < 1.3.0-1+deb11u2
- Debian/gruntfrom 0, < 1.0.1-8+deb10u2
- npm/gruntfrom 0, < 1.5.3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.0 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-1537
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2022-1537
- PATCHhttps://github.com/gruntjs/grunt
- WEBhttps://github.com/gruntjs/grunt/commit/58016ffac5ed9338b63ecc2a63710f5027362bae
- WEBhttps://huntr.dev/bounties/0179c3e5-bc02-4fc9-8491-a1a319b51b4d
- WEBhttps://lists.debian.org/debian-lts-announce/2023/04/msg00006.html