Arbitrary File Read in snyk-broker

Do your applications use this vulnerable package? Test your applications

Overview

snyk-broker is a package that proxies access between snyk.io and your Git repositories, such as GitHub Enterprise, GitHub.com and Bitbucket Server. Snyk Broker can also be used to enable a secure connection with your on-premise Jira deployment.

Affected versions of this package are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. #package.json

Remediation

Upgrade snyk-broker to version 4.72.2 or higher.

References

GitHub Commit
Snyk Security Announcement

Attack Vector

Network
Attack Complexity

Low
Privileges Required

High
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

None
Availability

None

Credit: Wing Chan of The Hut Group
CVE: CVE-2020-7648
CWE: CWE-22
Snyk ID: SNYK-JS-SNYKBROKER-570607
Disclosed: 28 May, 2020
Published: 29 May, 2020

Arbitrary File Read
Affecting snyk-broker package, versions <4.72.2

Overview

Remediation

References

CVSS Score

Arbitrary File Read Affecting snyk-broker package, versions <4.72.2

Overview

Remediation

References

Arbitrary File Read
Affecting snyk-broker package, versions <4.72.2