Vulnerabilities > Snyk > Snyk CLI

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-48963 OS Command Injection vulnerability in Snyk CLI
The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project.
network
low complexity
snyk CWE-78
critical
 9.8
9.8
2024-10-23 CVE-2024-48964 Code Injection vulnerability in Snyk CLI
The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project.
network
low complexity
snyk CWE-94
8.8
8.8
2022-11-30 CVE-2022-22984 OS Command Injection vulnerability in Snyk products
The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin before 5.6.5; the package @snyk/snyk-hex-plugin before 1.1.6 are vulnerable to Command Injection due to an incomplete fix for [CVE-2022-40764](https://security.snyk.io/vuln/SNYK-JS-SNYK-3037342).
network
low complexity
snyk CWE-78
6.3
6.3
2022-11-30 CVE-2022-24441 OS Command Injection vulnerability in Snyk Security
The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project.
network
low complexity
snyk CWE-78
8.8
8.8