Description
This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-SONARWRAPPER-1050980
Related Vulnerabilities
CVE-2018-15890 Vulnerability in maven package org.ethereum:ethereumj-core
CVE-2021-34429 Vulnerability in maven package org.eclipse.jetty:jetty-webapp
CVE-2023-41886 Vulnerability in maven package org.openrefine:database
CVE-2021-23632 Vulnerability in npm package git
CVE-2021-21267 Vulnerability in npm package schema-inspector