{"api_version":"1","generated_at":"2026-04-23T09:53:00+00:00","cve":"CVE-2022-24441","urls":{"html":"https://cve.report/CVE-2022-24441","api":"https://cve.report/api/cve/CVE-2022-24441.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-24441","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-24441"},"summary":{"title":"CVE-2022-24441","description":"The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the application. This vulnerability may be triggered when running the CLI tool directly, or when running a scan with one of the IDE plugins that invoke the Snyk CLI. Successful exploitation of this issue would likely require some level of social engineering - to coerce an untrusted project to be downloaded and analyzed via the Snyk CLI or opened in an IDE where a Snyk IDE plugin is installed and enabled. Additionally, if the IDE has a Trust feature then the target folder must be marked as ‘trusted’ in order to be vulnerable. **NOTE:** This issue is independent of the one reported in [CVE-2022-40764](https://security.snyk.io/vuln/SNYK-JS-SNYK-3037342), and upgrading to a fixed version for this addresses that issue as well. 
The affected IDE plugins and versions are: - VS Code - Affected: <=1.8.0, Fixed: 1.9.0 - IntelliJ - Affected: <=2.4.47, Fixed: 2.4.48 - Visual Studio - Affected: <=1.1.30, Fixed: 1.1.31 - Eclipse - Affected: <=v20221115.132308, Fixed: All subsequent versions - Language Server - Affected: <=v20221109.114426, Fixed: All subsequent versions","state":"PUBLIC","assigner":"report@snyk.io","published_at":"2022-11-30 13:15:00","updated_at":"2023-08-08 14:21:00"},"problem_types":["CWE-78"],"metrics":[],"references":[{"url":"https://github.com/snyk/snyk-eclipse-plugin/commit/b5a8bce25a359ced75f83a729fc6b2393fc9a495","name":"https://github.com/snyk/snyk-eclipse-plugin/commit/b5a8bce25a359ced75f83a729fc6b2393fc9a495","refsource":"MISC","tags":[],"title":"Merge pull request #106 from snyk/feat/trust-feature · snyk/snyk-eclipse-plugin@b5a8bce · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.snyk.io/vuln/SNYK-JS-SNYK-3111871","name":"https://security.snyk.io/vuln/SNYK-JS-SNYK-3111871","refsource":"MISC","tags":[],"title":"Code Injection in snyk | CVE-2022-24441 | Snyk","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/snyk/snyk-ls/commit/b3229f0142f782871aa72d1a7dcf417546d568ed","name":"https://github.com/snyk/snyk-ls/commit/b3229f0142f782871aa72d1a7dcf417546d568ed","refsource":"MISC","tags":[],"title":"feat: add trust management mechanism (#187) · snyk/snyk-ls@b3229f0 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.imperva.com/blog/how-scanning-your-projects-for-security-issues-can-lead-to-remote-code-execution/","name":"https://www.imperva.com/blog/how-scanning-your-projects-for-security-issues-can-lead-to-remote-code-execution/","refsource":"MISC","tags":[],"title":"How Scanning Your Projects for Security Issues Can Lead to Remote Code Execution | 
Imperva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/snyk/snyk-intellij-plugin/commit/56682f4ba6081ce1d95cb980cbfacd3809a826f4","name":"https://github.com/snyk/snyk-intellij-plugin/commit/56682f4ba6081ce1d95cb980cbfacd3809a826f4","refsource":"MISC","tags":[],"title":"Merge pull request #417 from snyk/feat/trust · snyk/snyk-intellij-plugin@56682f4 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/snyk/snyk-visual-studio-plugin/commit/0b53dbbd4a3153c3ef9aaf797af3b5caad0f731a","name":"https://github.com/snyk/snyk-visual-studio-plugin/commit/0b53dbbd4a3153c3ef9aaf797af3b5caad0f731a","refsource":"MISC","tags":[],"title":"feat: add workspace trust (#217) · snyk/snyk-visual-studio-plugin@0b53dbb · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/snyk/vscode-extension/commit/0db3b4240be0db6a0a5c6d02c0d4231a2c4ba708","name":"https://github.com/snyk/vscode-extension/commit/0db3b4240be0db6a0a5c6d02c0d4231a2c4ba708","refsource":"MISC","tags":[],"title":"feat: workspace trust (#306) · snyk/vscode-extension@0db3b42 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-24441","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24441","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"Ron Masas - 
Imperva","lang":""}],"nvd_cpes":[{"cve_year":"2022","cve_id":"24441","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"snyk","cpe5":"snyk_cli","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"24441","vulnerable":"1","versionEndIncluding":"20221109.114426","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"snyk","cpe5":"snyk_language_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"24441","vulnerable":"1","versionEndIncluding":"1.1.30","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"snyk","cpe5":"snyk_security","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"visual_studio","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"24441","vulnerable":"1","versionEndIncluding":"1.8.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"snyk","cpe5":"snyk_security","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"visual_studio_code","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"24441","vulnerable":"1","versionEndIncluding":"2.4.47","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"snyk","cpe5":"snyk_security","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"intellij","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"24441","vulnerable":"1","versionEndIncluding":"20221115.132308","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"snyk","cpe5":"snyk_security","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"eclipse","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"report@snyk.io","DATE_PUBLIC":"2022-11-30T12:44:52.509668Z","ID":"CVE-2022-24441","STATE":"PUBLIC","TITLE":"Code 
Injection"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"snyk","version":{"version_data":[{"version_affected":"<","version_value":"1.1064.0"}]}}]},"vendor_name":"n/a"}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Code Injection"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://security.snyk.io/vuln/SNYK-JS-SNYK-3111871","name":"https://security.snyk.io/vuln/SNYK-JS-SNYK-3111871"},{"refsource":"MISC","url":"https://www.imperva.com/blog/how-scanning-your-projects-for-security-issues-can-lead-to-remote-code-execution/","name":"https://www.imperva.com/blog/how-scanning-your-projects-for-security-issues-can-lead-to-remote-code-execution/"},{"refsource":"MISC","url":"https://github.com/snyk/vscode-extension/commit/0db3b4240be0db6a0a5c6d02c0d4231a2c4ba708","name":"https://github.com/snyk/vscode-extension/commit/0db3b4240be0db6a0a5c6d02c0d4231a2c4ba708"},{"refsource":"MISC","url":"https://github.com/snyk/snyk-intellij-plugin/commit/56682f4ba6081ce1d95cb980cbfacd3809a826f4","name":"https://github.com/snyk/snyk-intellij-plugin/commit/56682f4ba6081ce1d95cb980cbfacd3809a826f4"},{"refsource":"MISC","url":"https://github.com/snyk/snyk-visual-studio-plugin/commit/0b53dbbd4a3153c3ef9aaf797af3b5caad0f731a","name":"https://github.com/snyk/snyk-visual-studio-plugin/commit/0b53dbbd4a3153c3ef9aaf797af3b5caad0f731a"},{"refsource":"MISC","url":"https://github.com/snyk/snyk-eclipse-plugin/commit/b5a8bce25a359ced75f83a729fc6b2393fc9a495","name":"https://github.com/snyk/snyk-eclipse-plugin/commit/b5a8bce25a359ced75f83a729fc6b2393fc9a495"},{"refsource":"MISC","url":"https://github.com/snyk/snyk-ls/commit/b3229f0142f782871aa72d1a7dcf417546d568ed","name":"https://github.com/snyk/snyk-ls/commit/b3229f0142f782871aa72d1a7dcf417546d568ed"}]},"description":{"description_data":[{"lang":"eng","value":"The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. 
An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the application. This vulnerability may be triggered when running the CLI tool directly, or when running a scan with one of the IDE plugins that invoke the Snyk CLI. Successful exploitation of this issue would likely require some level of social engineering - to coerce an untrusted project to be downloaded and analyzed via the Snyk CLI or opened in an IDE where a Snyk IDE plugin is installed and enabled. Additionally, if the IDE has a Trust feature then the target folder must be marked as ‘trusted’ in order to be vulnerable. **NOTE:** This issue is independent of the one reported in [CVE-2022-40764](https://security.snyk.io/vuln/SNYK-JS-SNYK-3037342), and upgrading to a fixed version for this addresses that issue as well. The affected IDE plugins and versions are: - VS Code - Affected: <=1.8.0, Fixed: 1.9.0 - IntelliJ - Affected: <=2.4.47, Fixed: 2.4.48 - Visual Studio - Affected: <=1.1.30, Fixed: 1.1.31 - Eclipse - Affected: <=v20221115.132308, Fixed: All subsequent versions - Language Server - Affected: <=v20221109.114426, Fixed: All subsequent versions"}]},"impact":{"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"}},"credit":[{"lang":"eng","value":"Ron Masas - Imperva"}]},"nvd":{"publishedDate":"2022-11-30 13:15:00","lastModifiedDate":"2023-08-08 
14:21:00","problem_types":["CWE-78"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:snyk:snyk_security:*:*:*:*:*:eclipse:*:*","versionEndIncluding":"20221115.132308","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:snyk:snyk_security:*:*:*:*:*:visual_studio:*:*","versionEndIncluding":"1.1.30","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:snyk:snyk_security:*:*:*:*:*:visual_studio_code:*:*","versionEndIncluding":"1.8.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:snyk:snyk_language_server:*:*:*:*:*:*:*:*","versionEndIncluding":"20221109.114426","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:snyk:snyk_security:*:*:*:*:*:intellij:*:*","versionEndIncluding":"2.4.47","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:snyk:snyk_cli:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1064.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}