CVE-2020-7651
N/A
N/A
Summary
All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. It allows partial file reads for users who have access to Snyk's internal network via patch history from GitHub Commits API.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | snyk-broker | all versions before 4.79.0 | affected |
Weaknesses
- Arbitrary File Read
ADP Enrichment
CVE Program Container
Additional References
- https://updates.snyk.io/snyk-broker-security-fixes-152338
- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570610
References
- https://updates.snyk.io/snyk-broker-security-fixes-152338
- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570610
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.