redhatcve | Redhat.com | RH:CVE-2022-22984
History: Nov 30, 2022 - 6:26 p.m.

CVE-2022-22984

2022-11-30 18:26:07
redhat.com
access.redhat.com
17
snyk
hex plugin
arbitrary commands

CVSS3: 6.3 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS: 0.006 Low
Percentile: 77.9%

A vulnerability was found in the snyk-hex-plugin for snyk. This issue allows an attacker to run arbitrary commands on the host system where the Snyk CLI is installed by passing crafted command line flags.
