EUVD-2022-6439

Malicious code in bioql PyPI...

sonar-wrapper Command Injection vulnerability

A command injection vulnerability affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js...

GHSA-WR4V-3F2H-6HHH sonar-wrapper Command Injection vulnerability

A command injection vulnerability affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js...

CVE-2020-28443

This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js...

CVE-2020-28443 Command Injection

This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js...

sonar-wrapper 命令注入漏洞

sonar-wrapper is a package by loic rondel individual developer that wraps SonarQube Scanner as a node module. A security vulnerability exists in sonar-wrapper, which stems from a command injection attack injection point in sonarRunner.js...

PT-2022-8896 · Unknown · Sonar-Wrapper

Name of the Vulnerable Software and Affected Versions: sonar-wrapper versions all versions Description: A command injection issue affects the package. The injection point is located in lib/sonarRunner.js. Recommendations: For all versions, consider restricting access to the vulnerable...

Command Injection

Overview sonar-wrapper is a package that wraps SonarQube Scanner as a node module. Affected versions of this package are vulnerable to Command Injection. The injection point is located in lib/sonarRunner.js. PoC var root = require"sonar-wrapper"; var options= 'sonar.projectName':'& touch JHU';...