Company
Date Published
Author
Thomas Chauchefoin
Word count
2037
Language
English
Hacker News points
None

Summary

The Sonar Research team discovered several SQL injection vulnerabilities in Soko, software deployed on the Gentoo Linux infrastructure. These vulnerabilities were present despite the use of an Object-Relational Mapping (ORM) library and prepared statements. The researchers demonstrated that these code vulnerabilities led to Remote Code Execution (RCE) on Soko because of a misconfiguration of the database. However, because Soko's software components were isolated from other services and because of the Portage package manager's isolation, users of Gentoo Linux were not at risk of supply-chain attacks. The vulnerabilities were tracked as CVE-2023-28424 and were responsibly disclosed to the Gentoo Linux maintainers, who deployed fixes within 24 hours. The researchers highlighted the importance of understanding how ORM APIs are designed in order to avoid introducing similar code vulnerabilities, and emphasized that developers need to be aware of these pitfalls. Additionally, they noted that containerization solutions like Docker should not be considered a security boundary and that applying the principle of least privilege is crucial.