EPSS
Percentile
50.8%
snyk-broker is vulnerable to directory traversal. The vulnerability exists in exports function in index.js when reading configs which allows an attacker to traverse through the directories to read and write on files.
exports
index.js
github.com/advisories/GHSA-gq75-5gc3-rfwg
github.com/snyk/broker/commit/90e0bac07a800b7c4c6646097c9c89d6b878b429
github.com/snyk/broker/pull/228
updates.snyk.io/snyk-broker-security-fixes-152338