Directory traversal

2020-05-2921:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

48.5%

JSON

All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk’s internal network via directory traversal.

CPENameOperatorVersion
brokerlt4.80.0

CPE	Name	Operator	Version
	broker	lt	4.80.0

References

snyk.io/vuln/SNYK-JS-SNYKBROKER-570611

updates.snyk.io/snyk-broker-security-fixes-152338

0.001 Low

EPSS

Percentile

48.5%

JSON

Related for PRION:CVE-2020-7652