Arbitrary File Read

Affecting snyk-broker package, versions <4.72.2


Overview

snyk-broker is a package that proxies access between snyk.io and your Git repositories, such as GitHub Enterprise, GitHub.com and Bitbucket Server. Snyk Broker can also be used to enable a secure connection to your on-premises Jira deployment.

Affected versions of this package are vulnerable to Arbitrary File Read (path traversal, CWE-22). A user with access to Snyk's internal network can read files that the broker's allow-list is meant to withhold by appending a fragment identifier carrying an allow-listed path to the request URL, e.g. #package.json: the allow-list is matched against the URL with the fragment still attached, so the request passes the filter, while the file actually fetched is the one named before the #. Browsers never send fragments to a server, so the bypass requires a direct HTTP client on the broker's server side, which is why the CVSS vector below records Privileges Required: High.
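The bug class described above, as an added example: an allow-list evaluated against the raw request string, fragment included, while the file layer serves the path in front of the '#', beside a fixed version that parses the URL first and matches the rule against the pathname alone. This is illustrative code, not snyk-broker's own filter; the rule, the request URLs and the repository contents are assumed.

```javascript
// Added illustration of a fragment-bypassed path allow-list. Not snyk-broker's
// own code: the rule, the request URLs and the repository map are constructed.

// Constructed allow-list: callers may only fetch a file named package.json.
const ALLOWED_RULE = /package\.json$/;

// Constructed stand-in for the repository behind the proxy.
const REPO_FILES = {
  '/repos/acme/app/contents/package.json': '{"name":"app"}',
  '/repos/acme/app/contents/.env': 'DB_PASSWORD=example-only',
};

// The path the file layer actually serves. WHATWG URL parsing moves '#...'
// into .hash and leaves it out of .pathname, so '/x/.env#package.json'
// resolves to '/x/.env'.
function servedPath(rawUrl) {
  return new URL(rawUrl, 'http://broker.invalid').pathname;
}

function serve(path) {
  return path in REPO_FILES
    ? { status: 200, body: REPO_FILES[path] }
    : { status: 404 };
}

// Vulnerable: the rule is tested against the raw string, so
// '/repos/acme/app/contents/.env#package.json' passes the check and the
// file layer then reads .env.
function fetchVulnerable(rawUrl) {
  if (!ALLOWED_RULE.test(rawUrl)) return { status: 401 };
  return serve(servedPath(rawUrl));
}

// Fixed: parse first, test the rule against the pathname only, and refuse
// any request that carries a fragment at all, since a client has no
// legitimate reason to send one to a proxy.
function fetchFixed(rawUrl) {
  const url = new URL(rawUrl, 'http://broker.invalid');
  if (url.hash !== '' || !ALLOWED_RULE.test(url.pathname)) {
    return { status: 401 };
  }
  return serve(url.pathname);
}

// Stand-alone demonstration of both behaviours on the bypass URL.
const BYPASS = '/repos/acme/app/contents/.env#package.json';
console.log('vulnerable:', fetchVulnerable(BYPASS)); // 200 with .env contents
console.log('fixed:     ', fetchFixed(BYPASS));      // 401
```

The decisive change is which string the allow-list sees: the fixed version never lets the rule inspect anything the file layer will not use, so the two can no longer disagree about which file a request names.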

Remediation

Upgrade snyk-broker to version 4.72.2 or higher.

CVSS Score

4.9
medium severity
  • Attack Vector
    Network
  • Attack Complexity
    Low
  • Privileges Required
    High
  • User Interaction
    None
  • Scope
    Unchanged
  • Confidentiality
    High
  • Integrity
    None
  • Availability
    None
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Credit: Wing Chan of The Hut Group
CVE: CVE-2020-7648
CWE: CWE-22
Snyk ID: SNYK-JS-SNYKBROKER-570607
Disclosed: 28 May, 2020
Published: 29 May, 2020