CVE-2020-28443
Improper Neutralization of Special Elements used in a Command ('Command Injection') in npm/sonar-wrapper
Identifiers
GHSA-wr4v-3f2h-6hhh, CVE-2020-28443
Package Slug
npm/sonar-wrapper
Vulnerability
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Description
This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.
Affected Versions
All versions up to 0.1.3
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-08-09
| source |