Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1naDUtNGg5NS1xajRw

Information Exposure in Snyk Broker

All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.

Permalink: https://github.com/advisories/GHSA-mgh5-4h95-qj4p
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1naDUtNGg5NS1xajRw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 4 years ago
Updated: about 1 year ago


CVSS Score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Identifiers: GHSA-mgh5-4h95-qj4p, CVE-2020-7654
References:

Affected Packages

npm:snyk-broker
Dependent packages: 0
Dependent repositories: 2
Downloads: 5,357 last month
Affected Version Ranges: < 4.73.1
Fixed in: 4.73.1
All affected versions: 1.0.0, 1.1.0, 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.3.0, 2.4.0, 2.4.1, 2.5.0, 2.6.0, 2.6.1, 2.7.0, 2.8.0, 3.0.0, 3.0.1, 3.1.0, 3.1.1, 3.1.2, 3.2.0, 3.3.0, 3.3.1, 3.3.2, 3.4.0, 3.5.0, 3.6.0, 3.6.1, 3.7.0, 3.7.1, 3.7.2, 3.9.0, 3.9.1, 3.10.0, 3.10.1, 3.10.2, 3.11.0, 3.11.1, 4.2.0, 4.3.0, 4.3.1, 4.3.2, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.6.0, 4.7.0, 4.8.0, 4.9.0, 4.9.1, 4.10.0, 4.10.1, 4.10.2, 4.11.0, 4.11.1, 4.12.0, 4.13.0, 4.13.1, 4.14.0, 4.14.1, 4.14.2, 4.15.0, 4.15.1, 4.15.2, 4.16.0, 4.16.1, 4.16.2, 4.16.3, 4.17.0, 4.18.0, 4.18.1, 4.18.2, 4.18.3, 4.18.4, 4.19.0, 4.19.1, 4.20.0, 4.21.0, 4.21.1, 4.22.0, 4.23.0, 4.24.0, 4.24.1, 4.25.0, 4.26.0, 4.26.1, 4.26.2, 4.27.0, 4.28.0, 4.28.1, 4.28.2, 4.28.3, 4.28.4, 4.29.0, 4.30.0, 4.30.1, 4.30.2, 4.30.3, 4.31.0, 4.31.1, 4.31.2, 4.32.0, 4.33.0, 4.33.1, 4.34.0, 4.34.1, 4.35.0, 4.35.1, 4.36.0, 4.37.0, 4.38.0, 4.38.1, 4.39.0, 4.40.0, 4.41.0, 4.41.1, 4.42.0, 4.43.0, 4.44.0, 4.45.0, 4.45.1, 4.46.0, 4.47.0, 4.47.1, 4.48.0, 4.48.1, 4.48.2, 4.48.3, 4.48.4, 4.49.0, 4.49.1, 4.49.2, 4.49.3, 4.49.4, 4.50.0, 4.51.0, 4.51.1, 4.52.0, 4.53.0, 4.54.0, 4.55.0, 4.55.1, 4.56.0, 4.57.0, 4.58.0, 4.59.0, 4.59.1, 4.60.0, 4.61.0, 4.62.0, 4.62.1, 4.63.0, 4.64.0, 4.65.0, 4.66.0, 4.66.1, 4.67.0, 4.68.0, 4.68.1, 4.68.2, 4.68.3, 4.69.0, 4.69.1, 4.69.2, 4.69.3, 4.69.4, 4.69.5, 4.70.0, 4.71.0, 4.72.0, 4.72.1, 4.72.2, 4.73.0
All unaffected versions: 4.73.1, 4.74.0, 4.75.0, 4.75.1, 4.75.2, 4.76.0, 4.77.0, 4.78.0, 4.79.0, 4.79.1, 4.80.0, 4.81.0, 4.82.0, 4.82.1, 4.83.0, 4.84.0, 4.85.0, 4.85.1, 4.86.0, 4.87.0, 4.87.1, 4.88.0, 4.89.0, 4.89.1, 4.90.0, 4.90.1, 4.90.2, 4.91.0, 4.91.1, 4.92.0, 4.92.1, 4.93.0, 4.94.0, 4.94.1, 4.94.2, 4.95.0, 4.96.0, 4.96.1, 4.97.0, 4.97.1, 4.97.2, 4.98.0, 4.99.0, 4.100.0, 4.100.1, 4.100.2, 4.100.3, 4.100.4, 4.100.5, 4.101.0, 4.102.0, 4.102.1, 4.103.0, 4.104.0, 4.104.1, 4.105.0, 4.106.0, 4.107.0, 4.108.0, 4.109.0, 4.109.1, 4.109.2, 4.110.0, 4.110.1, 4.110.2, 4.111.0, 4.112.0, 4.112.1, 4.113.0, 4.113.1, 4.113.2, 4.113.3, 4.114.0, 4.114.1, 4.115.0, 4.115.1, 4.115.2, 4.115.3, 4.116.0, 4.116.1, 4.116.2, 4.117.0, 4.117.1, 4.118.0, 4.118.1, 4.118.2, 4.119.0, 4.120.0, 4.121.0, 4.121.1, 4.121.2, 4.121.3, 4.122.0, 4.123.0, 4.124.0, 4.124.1, 4.125.0, 4.126.0, 4.126.1, 4.126.2, 4.127.0, 4.127.1, 4.128.0, 4.129.0, 4.129.1, 4.129.2, 4.130.0, 4.131.0, 4.132.0, 4.132.1, 4.133.0, 4.134.0, 4.135.0, 4.136.0, 4.137.0, 4.137.1, 4.137.2, 4.137.3, 4.137.4, 4.137.5, 4.137.6, 4.137.7, 4.137.8, 4.137.9, 4.137.10, 4.138.0, 4.138.1, 4.138.2, 4.138.3, 4.138.4, 4.139.0, 4.140.0, 4.140.1, 4.141.0, 4.141.1, 4.141.2, 4.141.3, 4.141.4, 4.141.5, 4.141.6, 4.141.7, 4.141.8, 4.141.9, 4.141.10, 4.141.11, 4.141.12, 4.141.13, 4.142.0, 4.142.1, 4.142.2, 4.143.0, 4.143.1, 4.143.2, 4.143.3, 4.143.4, 4.144.0, 4.144.1, 4.145.0, 4.145.1, 4.146.0, 4.146.1, 4.146.2, 4.147.0, 4.148.0, 4.149.0, 4.150.0, 4.150.1, 4.151.0, 4.152.0, 4.153.0, 4.153.1, 4.154.0, 4.154.1, 4.154.2, 4.155.0, 4.156.0, 4.156.1, 4.157.0, 4.157.1, 4.157.2, 4.157.3, 4.157.4, 4.157.5, 4.158.0, 4.158.1, 4.159.0, 4.160.0, 4.160.1, 4.160.2, 4.160.3, 4.161.0, 4.161.1, 4.161.2, 4.161.3, 4.161.4, 4.161.5, 4.162.0, 4.162.1, 4.163.0, 4.164.0, 4.164.1, 4.164.2, 4.165.0, 4.165.1, 4.165.2, 4.165.3, 4.165.4, 4.165.5, 4.165.6, 4.165.7, 4.165.8, 4.166.0, 4.166.1, 4.166.2, 4.166.3, 4.167.0, 4.168.0, 4.168.1, 4.168.2, 4.168.3, 4.168.4, 4.168.5, 4.169.0, 4.169.1, 4.169.2, 4.169.3, 4.170.0, 4.170.1, 4.170.2, 4.171.0, 4.171.1, 4.171.2, 4.171.3, 4.171.4, 4.171.5, 4.171.6, 4.171.7, 4.171.8, 4.171.9, 4.171.10, 4.172.0, 4.172.1, 4.172.2, 4.172.3, 4.172.4, 4.172.5, 4.172.6, 4.173.0, 4.173.1, 4.173.2, 4.173.3, 4.174.0, 4.174.1, 4.175.0, 4.176.0, 4.176.1, 4.176.2, 4.176.3, 4.176.4, 4.176.5, 4.176.6, 4.176.7, 4.176.8, 4.176.9, 4.177.0, 4.177.1, 4.177.2, 4.177.3, 4.177.4, 4.177.5, 4.177.6, 4.177.7, 4.177.8, 4.177.9, 4.177.10, 4.177.11, 4.177.12, 4.178.0, 4.179.0, 4.179.1, 4.179.2, 4.179.3, 4.179.4, 4.179.5