GitHub Advisory Database: GHSA-3X3F-JCP3-G22J
Published: Sep 17, 2024, 9:29 p.m.

@backstage/plugin-catalog-backend Prototype Pollution vulnerability

Weakness: CWE-1321 (Improperly Controlled Modification of Object Prototype Attributes, 'Prototype Pollution')
Package: @backstage/plugin-catalog-backend (npm)
Fixed in: 1.26.0

CVSS 3.1 base score: 6.5 (Medium)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  Attack Vector: Network
  Attack Complexity: Low
  Privileges Required: Low
  User Interaction: None
  Scope: Unchanged
  Confidentiality Impact: None
  Integrity Impact: None
  Availability Impact: High

Vulners AI Score: 6.6 (confidence: High)
EPSS: 0 (percentile 9.6%)

Impact

An authenticated user of a Backstage instance that has the catalog backend plugin installed can disrupt the service (denial of service) by sending a specially crafted query to the catalog API. The underlying weakness is prototype pollution (CWE-1321): attacker-controlled keys in the query reach a code path that writes to the shared object prototype, and the effect is confined to availability (CVSS C:N/I:N/A:H).
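The following is an added, illustrative example of the CWE-1321 pattern this advisory refers to. It is not code from @backstage/plugin-catalog-backend and does not reproduce the actual affected code path, which the advisory does not describe; the query parser, the dotted `filter.<path>=<value>` key convention, the `pageSize` consumer and the crafted query string are all assumptions made for illustration. It shows how an unchecked `__proto__` segment in a query key pollutes `Object.prototype`, how that breaks a later, unrelated request that never sent the polluted field (the availability impact), and a hardened parser that rejects the dangerous segments and uses null-prototype objects.

```typescript
// Added example of CWE-1321 (prototype pollution) in a query-string filter
// parser, written to illustrate this advisory. It is NOT the code of
// @backstage/plugin-catalog-backend; the function names, the
// "filter.<path>=<value>" key convention and the crafted query are assumptions.

type Dict = Record<string, unknown>;

const FORBIDDEN_SEGMENTS = ["__proto__", "constructor", "prototype"];

// Minimal query-string parser: "a.b=1&c=2" -> [["a.b","1"],["c","2"]].
export function parseQuery(raw: string): Array<[string, string]> {
  return raw
    .split("&")
    .filter((pair) => pair.length > 0)
    .map((pair): [string, string] => {
      const idx = pair.indexOf("=");
      const key = idx < 0 ? pair : pair.slice(0, idx);
      const value = idx < 0 ? "" : pair.slice(idx + 1);
      return [decodeURIComponent(key), decodeURIComponent(value)];
    });
}

// Vulnerable variant: creates one object level per dotted segment without
// checking segment names. On a plain object node["__proto__"] resolves to
// Object.prototype, so the key "__proto__.limit" writes onto the prototype
// shared by every object in the process.
export function buildFilterUnsafe(pairs: Array<[string, string]>): Dict {
  const root: Dict = {};
  for (const [key, value] of pairs) {
    const segments = key.split(".");
    let node: Dict = root;
    for (const segment of segments.slice(0, -1)) {
      const next = node[segment];
      if (typeof next !== "object" || next === null) {
        node[segment] = {};
      }
      node = node[segment] as Dict;
    }
    node[segments[segments.length - 1]] = value;
  }
  return root;
}

// Hardened variant: rejects prototype-walking segment names and keeps every
// level in a null-prototype object, so there is no chain left to pollute.
export function buildFilterSafe(pairs: Array<[string, string]>): Dict {
  const root: Dict = Object.create(null);
  for (const [key, value] of pairs) {
    const segments = key.split(".");
    if (segments.some((s) => s === "" || FORBIDDEN_SEGMENTS.indexOf(s) >= 0)) {
      throw new Error(`rejected filter key: ${key}`);
    }
    let node: Dict = root;
    for (const segment of segments.slice(0, -1)) {
      const own = Object.prototype.hasOwnProperty.call(node, segment);
      if (!own || typeof node[segment] !== "object" || node[segment] === null) {
        node[segment] = Object.create(null);
      }
      node = node[segment] as Dict;
    }
    node[segments[segments.length - 1]] = value;
  }
  return root;
}

// Unrelated request logic that reads an optional page size (assumed consumer).
// Once Object.prototype.limit has been polluted it throws for every caller,
// including requests that never sent a limit: that is the availability impact.
export function pageSize(options: Dict): number {
  const limit = options["limit"] === undefined ? 20 : Number(options["limit"]);
  if (!(limit > 0 && limit <= 100 && Math.floor(limit) === limit)) {
    throw new Error(`invalid page size: ${String(options["limit"])}`);
  }
  return limit;
}

// Runs the crafted query through the unsafe parser, records what a later,
// unrelated call observes, then removes the polluted property so the process
// is left clean.
export function demonstrate(): { leakedLimit: unknown; laterCallFailed: boolean; filterKind: unknown } {
  const crafted = "filter.kind=component&__proto__.limit=-1"; // constructed input
  try {
    const filter = buildFilterUnsafe(parseQuery(crafted));
    const unrelated: Dict = {}; // built after the request, never sets limit
    let laterCallFailed = false;
    try {
      pageSize(unrelated);
    } catch {
      laterCallFailed = true;
    }
    return {
      leakedLimit: unrelated["limit"],
      laterCallFailed,
      filterKind: (filter["filter"] as Dict)["kind"],
    };
  } finally {
    delete (Object.prototype as Dict)["limit"];
  }
}
```

The hardened parser does two independent things on purpose: the segment deny-list stops the known traversal keys, and the null-prototype storage means that even a key the deny-list misses has no `Object.prototype` to reach. In a real service a polluted prototype persists for the lifetime of the Node process, so the cleanup in `demonstrate` stands in for what an operator would otherwise have to do with a restart.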

Patches

This has been fixed in the 1.26.0 release of the @backstage/plugin-catalog-backend package. Upgrade to 1.26.0 or later; since the package is usually pulled in transitively by the backend, confirm the resolved version in the lockfile (for example with `yarn why @backstage/plugin-catalog-backend`) rather than only the version declared in package.json.

References

If you have any questions or comments about this advisory:

Open an issue in the Backstage repository
Visit the Backstage Discord, linked from the Backstage README

Affected configurations

Ecosystem: npm (Node)
Package: @backstage/plugin-catalog-backend
Affected versions: < 1.26.0
CPE: cpe:2.3:a:backstage:plugin-catalog-backend:*:*:*:*:*:*:*:*
