Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-26367

Malicious code in bioql PyPI...

7.8CVSS6.4AI score0.01123EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/09/26 1:1 p.m.13 views

Argument injection vulnerability in SonarQube Scan Action

A command injection vulnerability exists in SonarQube GitHub Action prior to v6.0.0 when workflows pass user-controlled input to the args parameter on Windows runners without proper validation. This vulnerability bypasses a previous security fix and allows arbitrary command execution, potentially...

7.7CVSS7.5AI score0.01507EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/09/26 1:1 p.m.4 views

GHSA-5XQ9-5G24-4G6F Argument injection vulnerability in SonarQube Scan Action

A command injection vulnerability exists in SonarQube GitHub Action prior to v6.0.0 when workflows pass user-controlled input to the args parameter on Windows runners without proper validation. This vulnerability bypasses a previous security fix and allows arbitrary command execution, potentially...

7.7CVSS7.5AI score0.01507EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/09/02 5:31 p.m.9 views

Command Injection via sonarqube-scan-action GitHub Action

Impact A command injection vulnerability was discovered in the SonarQube Scan GitHub Action that allows untrusted input arguments to be processed without proper sanitization. Arguments sent to the action are treated as shell expressions, allowing potential execution of arbitrary commands. Patches...

7.8CVSS8AI score0.01123EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/02 12:51 a.m.3 views

CVE-2025-58178 Command Injection via sonarqube-scan-action GitHub Action

SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. In versions 4 to 5.3.0, a command injection vulnerability was discovered in the SonarQube Scan GitHub Action that allows untrusted input arguments to be processed without proper...

7.8CVSS7.6AI score0.01123EPSS
Exploits0References5
Rows per page
Query Builder