5 matches found
CVE-2022-40764
creationtimestamp| type| source ---|---|--- 2022-10-20 11:05:16+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/7012 2022-11-30 16:29:11+00:00| seen| https://t.me/cibsecurity/53716 2022-11-30 16:29:12+00:00| seen| https://t.me/cibsecurity/53717 2022-11-30 16:57:57+00:00|...
@adobe/git-server (>=0.9.18 <=1.0.5), @adobe/helix-cli (>=0.3.0-SNAPSHOT.293 <=6.1.0) +37 more potentially affected by CVE-2022-40764 via snyk-go-plugin (>=1.10.0 <=1.17.0)
snyk-go-plugin NPM version =1.10.0, =0.9.18, =0.3.0-SNAPSHOT.293, =2.6.0, =1.0.5-SNAPSHOT.105, =0.0.4, =8.0.36, =5.0.22, =3.10.42, =0.0.70, =0.5.8, =3.2.4, =0.0.2, =0.0.7, =0.2.0, =0.2.8 and more Source cves: CVE-2022-40764 Source advisory: OSV:GHSA-HPQJ-7CJ6-HFJ8...
@adobe/helix-cli (>=0.10.6 <=2.5.4), @baivoom/ngx-barcode-scanner (>=0.0.4 <=0.0.6) +46 more potentially affected by CVE-2022-22984 +1 more via snyk-sbt-plugin (>=2.0.0 <=2.15.0)
snyk-sbt-plugin NPM version =2.0.0, =0.10.6, =0.0.4, =8.0.36, =5.0.22, =3.10.42, =0.5.8, =3.2.4, =0.0.2, =0.0.17, =0.2.2, =1.20.0-alpha.11736.3, =2.3.5, =2.3.4, =2.6.4 and more Source cves: CVE-2022-22984, CVE-2022-40764 Source advisory: SNYK:JS-SNYKSBTPLUGIN-3038626...
@adobe/helix-cli (>=0.10.6 <=1.0.0), @bifravst/code-style (>=8.0.36 <=8.0.133) +41 more potentially affected by CVE-2022-22984 +1 more via snyk-mvn-plugin (>=2.0.0 <=2.31.2)
snyk-mvn-plugin NPM version =2.0.0, =0.10.6, =8.0.36, =5.0.22, =3.10.42, =0.5.8, =3.2.4, =0.0.21, =2.6.1, =2.6.1, =5.0.0, =3.0.3-beta.1, =1.0.7, =0.1.1, =0.1.5 and more Source cves: CVE-2022-22984, CVE-2022-40764 Source advisory: SNYK:JS-SNYKMVNPLUGIN-3038623...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...