GHSA-gq75-5gc3-rfwg, CVE-2020-7649
npm/snyk-broker
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
This affects the package snyk-broker before 4.73.0. It allows arbitrary file reads for users with access to Snyk's internal network via directory traversal.
All versions before 4.73.0
Upgrade to version 4.73.0 or above.
2022-08-09
source |