Description
This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-SONARWRAPPER-1050980
Related Vulnerabilities
CVE-2021-40690 Vulnerability in maven package org.apache.santuario:xmlsec
CVE-2020-6426 Vulnerability in npm package electron
CVE-2021-21342 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2022-39299 Vulnerability in npm package @node-saml/passport-saml
CVE-2020-7760 Vulnerability in maven package org.webjars:codemirror