Headline
GHSA-wr4v-3f2h-6hhh: sonar-wrapper Command Injection vulnerability
A command injection vulnerability affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.
sonar-wrapper Command Injection vulnerability
Critical severity GitHub Reviewed Published Jul 26, 2022 • Updated Aug 6, 2022
Related news
CVE-2020-28443: Snyk Vulnerability Database | Snyk
This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.