Description
This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-SONARWRAPPER-1050980
Related Vulnerabilities
CVE-2022-36096 Vulnerability in maven package org.xwiki.platform:xwiki-platform-index-ui
CVE-2022-24947 Vulnerability in maven package org.apache.jspwiki:jspwiki-main
CVE-2020-15228 Vulnerability in npm package @actions/core
CVE-2023-50137 Vulnerability in maven package com.jfinal:jfinal
CVE-2021-32820 Vulnerability in npm package express-handlebars