Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-wr4v-3f2h-6hhh: sonar-wrapper Command Injection vulnerability

A command injection vulnerability affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.

ghsa
#vulnerability#js#git

sonar-wrapper Command Injection vulnerability

Critical severity GitHub Reviewed Published Jul 26, 2022 • Updated Aug 6, 2022

Related news

CVE-2020-28443: Snyk Vulnerability Database | Snyk

This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.