CVE-2022-40764 : Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE p

Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in the vendor.json ignore field, affecting snyk-go-plugin before 1.19.1. This affects, for example, the Snyk TeamCity plugin (which does not update automatically) before 20220930.142957.

Published 2022-10-03 15:15:18

Updated 2022-10-05 17:08:30

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2022-40764

Snyk » CLI
Versions before (<) 1.996.0
cpe:2.3:a:snyk:cli:*:*:*:*:*:*:*:*
Matching versions
Snyk » Golang Cli
Versions before (<) 1.19.1
cpe:2.3:a:snyk:golang_cli:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-40764

EPSS FAQ

4.45%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 88 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-40764

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2022-40764

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-40764

https://support.snyk.io/hc/en-us/articles/7015908293789-CVE-2022-40764-Command-Injection-vulnerability-affecting-Snyk-CLI-versions-prior-to-1-996-0

Security check
Patch;Vendor Advisory
https://www.imperva.com/blog/how-scanning-your-projects-for-security-issues-can-lead-to-remote-code-execution/

How Scanning Your Projects for Security Issues Can Lead to Remote Code Execution | Imperva
Exploit;Technical Description;Third Party Advisory

CVEs referencing this url
https://github.com/snyk/cli/releases/tag/v1.996.0

Release v1.996.0 · snyk/cli · GitHub
Patch;Release Notes;Third Party Advisory
https://github.com/snyk/snyk-go-plugin/releases/tag/v1.19.1

Release v1.19.1 · snyk/snyk-go-plugin · GitHub
Patch;Release Notes;Third Party Advisory

Jump to

Vulnerability Details : CVE-2022-40764

Products affected by CVE-2022-40764

Exploit prediction scoring system (EPSS) score for CVE-2022-40764

CVSS scores for CVE-2022-40764

CWE ids for CVE-2022-40764

References for CVE-2022-40764