It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code. (CVE-2020-7729)
{ "availability": "No subscription required", "binaries": [ { "grunt": "1.0.1-8ubuntu0.1" } ] }