cve/2020/CVE-2020-7650.md

### [CVE-2020-7650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7650)
![](https://img.shields.io/static/v1?label=Product&message=snyk-broker&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Arbitrary%20File%20Read&color=brighgreen)

### Description

All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.

### POC

#### Reference
- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570609
- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570609

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-7650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7650)`
			`![](https://img.shields.io/static/v1?label=Product&message=snyk-broker&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Arbitrary%20File%20Read&color=brighgreen)`

			`### Description`

			`All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.`

			`### POC`

			`#### Reference`
			`- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570609`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570609`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`No PoCs found on GitHub currently.`