Information disclosure in Broker - CVE-2020-7650
Published: June 5, 2020
Broker
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote user with access to Snyk's internal network of any files ending in the following extensions: "yaml", "yml" or "json" can gain unauthorized access to sensitive information on the system.