CVE-2022-24441HIGHCVSS 8.8≤ 1.1.30·≤ 1.8.0+2 more2022-11-30
CVE-2022-24441 [HIGH] CWE-78 CVE-2022-24441: The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. An attac
The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the application. This vulnerability may be triggered when running the t
nvd