org.webjars.npm:grunt@0.2.1 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.webjars.npm:grunt package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Race Condition org.webjars.npm:grunt is a JavaScript task runner. Affected versions of this package are vulnerable to Race Condition via the `file.copy` operations. Exploiting this vulnerability leads to arbitrary file writing when an attacker can create a symlink just after deletion of the destination symlink, but right before the symlink is being written. How to fix Race Condition? There is no fixed version for `org.webjars.npm:grunt`.	[0,)
M Directory Traversal org.webjars.npm:grunt is a JavaScript task runner. Affected versions of this package are vulnerable to Directory Traversal via creation of a symlink to a restricted file, if a local attacker has `write` access to the source directory of `file.copy` How to fix Directory Traversal? There is no fixed version for `org.webjars.npm:grunt`.	[0,)
H Arbitrary Code Execution org.webjars.npm:grunt is a JavaScript task runner. Affected versions of this package are vulnerable to Arbitrary Code Execution due to the default usage of the function `load()` instead of its secure replacement `safeLoad()` of the package `js-yaml` inside `grunt.file.readYAML`. How to fix Arbitrary Code Execution? There is no fixed version for `org.webjars.npm:grunt`.	[0,)