Vulnerabilities

CVE-2020-7653

by Fred · 29/05/2020

All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk’s internal network by creating symlinks to match whitelisted paths.

Date published : 2020-05-29

https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570612

https://updates.snyk.io/snyk-broker-security-fixes-152338

Related

Tags: Cybersecurity Alert