← back
CVE-2020-7650

CVE-2020-7650

EPSS 1.1%
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.
Affected products
n/a · snyk-broker

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570609https://updates.snyk.io/snyk-broker-security-fixes-152338