CVE-2020-7650
N/A
N/A
Summary
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | snyk-broker | All versions after 4.72.0 including and before 4.73.1 | affected |
Weaknesses
- Arbitrary File Read
ADP Enrichment
CVE Program Container
Additional References
- https://updates.snyk.io/snyk-broker-security-fixes-152338
- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570609
References
- https://updates.snyk.io/snyk-broker-security-fixes-152338
- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570609
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.