Skip to main content

Snyk Cli

4 CVEs product

Monthly

CVE-2024-48964 npm HIGH PATCH This Week

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Snyk Cli
NVD GitHub
CVSS 4.0
7.5
EPSS
0.4%
CVE-2024-48963 npm HIGH PATCH This Week

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Command Injection Snyk Cli
NVD GitHub
CVSS 4.0
7.5
EPSS
0.4%
CVE-2022-24441 npm HIGH POC PATCH This Week

The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Snyk Cli Snyk Language Server Snyk Security
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-22984 npm MEDIUM POC PATCH This Month

The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Docker Python Command Injection Snyk Cli Snyk Cocoapods Cli +6
NVD GitHub
CVSS 3.1
6.3
EPSS
3.0%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Snyk Cli
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Command Injection Snyk Cli
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Snyk Cli Snyk Language Server +1
NVD GitHub
EPSS 3% CVSS 6.3
MEDIUM POC PATCH This Month

The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Docker Python Command Injection +8
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy