GHSA-wr4v-3f2h-6hhh, CVE-2020-28443
npm/sonar-wrapper
Improper Neutralization of Special Elements used in a Command ('Command Injection')
This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.
All versions up to 0.1.3
Unfortunately, there is no solution available yet.
2022-08-09
source |