2022-07-13 11:50:10
snyk
PUBLISHED
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method.