CVE-2020-7653
All referenced sources describe a vulnerability in snyk-broker: versions before 4.80.0 are susceptible to Arbitrary File Read. The root cause is an information-disclosure flaw where an attacker could read arbitrary files by exploiting symlinks to match whitelisted internal paths, usable by users ...