Arbitrary File Read Vulnerability in snyk-broker

Arbitrary File Read Vulnerability in snyk-broker

CVE-2020-7651 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. It allows partial file reads for users who have access to Snyk's internal network via patch history from GitHub Commits API.

Learn more about our Api Penetration Testing.