High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-23	CVE-2024-48964	Code Injection vulnerability in Snyk CLI The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. network low complexity snyk CWE-94	8.8
2022-11-30	CVE-2022-24441	OS Command Injection vulnerability in Snyk Security The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. network low complexity snyk CWE-78	8.8
2022-10-03	CVE-2022-40764	OS Command Injection vulnerability in Snyk CLI and Golang CLI Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. local low complexity snyk CWE-78	7.8
2019-08-05	CVE-2019-3800	Information Exposure vulnerability in multiple products CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. local low complexity pivotal apigee newrelic microsoft appdynamics bluemedora contrastsecurity cyberark datadoghq datastax dynatrace forgerock google ibm pagerduty riverbed signalsciences wavefront tibco solace snyk samba splunk sumologic synopsys yugabyte anynines CWE-200	7.8