CVE-2020-7653

Summary

All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network by creating symlinks to match whitelisted paths.

Affected Software

VendorProductVersion RangeStatus
n/asnyk-brokerAll versions before 4.80.0affected

Weaknesses

  • Arbitrary File Read

ADP Enrichment

CVE Program Container

Additional References

References