CVE-2020-7649

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-7649

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7649.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-7649

Aliases

GHSA-gq75-5gc3-rfwg

Published

2022-07-25T14:15:09.987Z

Modified

2025-11-20T11:28:21.740272Z

Severity

4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

This affects the package snyk-broker before 4.73.0. It allows arbitrary file reads for users with access to Snyk's internal network via directory traversal.

References

Affected packages

Git / github.com/snyk/broker

Affected ranges

Type: GIT
Repo: https://github.com/snyk/broker
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

90e0bac07a800b7c4c6646097c9c89d6b878b429

Affected versions

v1.*

v1.0.0

v1.1.0

v2.*

v2.0.0

v2.0.1

v2.1.0

v2.1.1

v2.2.0

v2.3.0

v2.4.0

v2.4.1

v2.5.0

v2.6.1

v2.7.0

v2.8.0

v3.*

v3.0.0

v3.0.1

v3.1.0

v3.1.1

v3.1.2

v3.10.0

v3.10.1

v3.10.2

v3.11.0

v3.11.1

v3.2.0

v3.3.0

v3.3.1

v3.3.2

v3.4.0

v3.5.0

v3.6.0

v3.6.1

v3.7.0

v3.7.1

v3.7.2

v3.8.0

v3.9.0

v3.9.1

v4.*

v4.10.0

v4.10.1

v4.10.2

v4.11.0

v4.11.1

v4.12.0

v4.13.0

v4.13.1

v4.14.0

v4.14.1

v4.14.2

v4.15.0

v4.15.1

v4.15.2

v4.16.0

v4.16.1

v4.16.2

v4.16.3

v4.17.0

v4.18.0

v4.18.1

v4.18.2

v4.18.3

v4.18.4

v4.19.0

v4.19.1

v4.2.0

v4.20.0

v4.21.0

v4.21.1

v4.22.0

v4.23.0

v4.24.0

v4.24.1

v4.25.0

v4.26.0

v4.26.1

v4.26.2

v4.27.0

v4.28.0

v4.28.1

v4.28.2

v4.28.3

v4.28.4

v4.29.0

v4.3.0

v4.3.1

v4.3.2

v4.30.0

v4.30.1

v4.30.2

v4.30.3

v4.31.0

v4.31.1

v4.31.2

v4.32.0

v4.33.0

v4.33.1

v4.34.0

v4.34.1

v4.35.0

v4.35.1

v4.36.0

v4.37.0

v4.38.0

v4.38.1

v4.39.0

v4.4.0

v4.4.1

v4.4.2

v4.4.3

v4.40.0

v4.41.0

v4.41.1

v4.42.0

v4.43.0

v4.44.0

v4.45.0

v4.45.1

v4.46.0

v4.47.0

v4.47.1

v4.48.0

v4.48.1

v4.48.2

v4.48.3

v4.48.4

v4.49.0

v4.49.1

v4.49.2

v4.49.3

v4.49.4

v4.5.0

v4.50.0

v4.51.0

v4.51.1

v4.52.0

v4.53.0

v4.54.0

v4.55.0

v4.55.1

v4.56.0

v4.57.0

v4.58.0

v4.59.0

v4.59.1

v4.6.0

v4.60.0

v4.61.0

v4.62.0

v4.62.1

v4.63.0

v4.64.0

v4.65.0

v4.66.0

v4.66.1

v4.67.0

v4.68.0

v4.68.1

v4.68.2

v4.68.3

v4.69.0

v4.69.1

v4.69.2

v4.69.3

v4.69.4

v4.69.5

v4.7.0

v4.70.0

v4.71.0

v4.72.0

v4.72.1

v4.72.2

v4.8.0

v4.9.0

v4.9.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7649.json"