CVE-2022-24441

Code Injection

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The package snyk before 1.1064.0 is vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the application. This vulnerability may be triggered when running the CLI tool directly, or when running a scan with one of the IDE plugins that invoke the Snyk CLI. Successful exploitation of this issue would likely require some level of social engineering - to coerce an untrusted project to be downloaded and analyzed via the Snyk CLI or opened in an IDE where a Snyk IDE plugin is installed and enabled. Additionally, if the IDE has a Trust feature then the target folder must be marked as 'trusted' in order to be vulnerable. **NOTE:** This issue is independent of the one reported in [CVE-2022-40764](https://security.snyk.io/vuln/SNYK-JS-SNYK-3037342), and upgrading to a fixed version for this addresses that issue as well. The affected IDE plugins and versions are:
  • VS Code - Affected: <=1.8.0, Fixed: 1.9.0
  • IntelliJ - Affected: <=2.4.47, Fixed: 2.4.48
  • Visual Studio - Affected: <=1.1.30, Fixed: 1.1.31
  • Eclipse - Affected: <=v20221115.132308, Fixed: All subsequent versions
  • Language Server - Affected: <=v20221109.114426, Fixed: All subsequent versions

*Credits: Ron Masas - Imperva
CVSS Scores
| Metric | Score 1 | Score 2 |
|---|---|---|
| Attack Vector | Network | Network |
| Attack Complexity | Low | High |
| Privileges Required | None | None |
| User Interaction | Required | Required |
| Scope | Unchanged | Changed |
| Confidentiality | High | Low |
| Integrity | High | Low |
| Availability | High | Low |
* Common Vulnerability Scoring System
SSVC
  • Decision: -
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-02-24 CVE Reserved
  • 2022-11-30 CVE Published
  • 2024-07-21 EPSS Updated
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Snyk | Snyk Cli | < 1.1064.0 | - | Affected |
| Snyk | Snyk Language Server | <= 20221109.114426 | - | Affected |
| Snyk | Snyk Security | <= 1.1.30 | visual_studio | Affected |
| Snyk | Snyk Security | <= 1.8.0 | visual_studio_code | Affected |
| Snyk | Snyk Security | <= 2.4.47 | intellij | Affected |
| Snyk | Snyk Security | <= 20221115.132308 | eclipse | Affected |