All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.
References
Link | Resource |
---|---|
https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570613 | Patch Vendor Advisory |
https://updates.snyk.io/snyk-broker-security-fixes-152338 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: snyk
Published: 2020-05-29T21:09:15
Updated: 2020-05-29T21:09:15
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7654
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-29T22:15:10.757
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-7654
JSON object: View
Redhat Information
No data.
CWE