Lucene search
K

61 matches found

vulnersOsv
vulnersOsv
added 2024/12/02 9:36 p.m.9 views

@backstage/backend-dynamic-feature-service (>=0.0.0-nightly-20241120023536 <=0.5.1-next.0), @backstage/plugin-scaffolder-backend (>=0.0.0-nightly-20241120023536 <=1.28.0-next.0) +11 more potentially affected by CVE-2024-53983 via @backstage/plugin-scaffolder-node (>=0.6.0 <=0.6.1-next.0)

@backstage/plugin-scaffolder-node NPM version =0.6.0, =0.0.0-nightly-20241120023536, =0.0.0-nightly-20241120023536, =0.0.0-nightly-20241120023536, =0.1.16-next.0 Source cves: CVE-2024-53983 Source advisory: OSV:GHSA-QMC2-JPR5-7RG9...

5.4CVSS5.8AI score0.00368EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/11/29 6:53 p.m.9 views

CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin

The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...

5.4CVSS7.3AI score0.00368EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/10/03 4:51 p.m.15 views

Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Impact Configuration supplied through APPCONFIG environment variables, for example APPCONFIGbackendlistenport=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema specified that they should have backend or secret...

5.8CVSS6.6AI score0.00365EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/10/03 4:51 p.m.8 views

GHSA-QC4V-XQ2M-65WC Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Impact Configuration supplied through APPCONFIG environment variables, for example APPCONFIGbackendlistenport=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema specified that they should have backend or secret...

6.9CVSS5.5AI score0.00365EPSS
Exploits0References4
Veracode
Veracode
added 2024/09/19 4:32 a.m.10 views

Prototype Pollution

@backstage/plugin-catalog-backend is vulnerable to Prototype Pollution. The vulnerability is caused due to improper user input sanitization in the catalog API, which allows an attacker to interrupt the service using a specially crafted query...

6.5CVSS6.5AI score0.00513EPSS
Exploits0References2
Veracode
Veracode
added 2024/09/19 3:50 a.m.9 views

Relative Path Traversal

@backstage/plugin-techdocs-backend is vulnerable to Relative Path Traversal. The vulnerability is caused due to improper validation of file paths, allowing unauthorized access to files in the AWS S3 or GCS storage provider...

6.5CVSS6.6AI score0.00728EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/09/17 8:13 p.m.6 views

CVE-2024-45816 Storage bucket Directory Traversal in @backstage/plugin-techdocs-backend

Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks...

6.5CVSS6.8AI score0.00728EPSS
Exploits0References3
Veracode
Veracode
added 2023/06/27 2:16 p.m.20 views

Arbitrary Code Injection

@backstage/plugin-scaffolder-backend is vulnerable to Arbitrary Code Injection. The vulnerability exists due to sandbox bypass in ScaffolderEntitiesProcessor.js, which allows an attacker with write access to a registered scaffolder template to inject code through the YAML template definition...

9.9CVSS7.1AI score0.01888EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/06/22 2:15 p.m.45 views

CVE-2023-35926

Backstage is an open platform for building developer portals. The Backstage scaffolder-backend plugin uses a templating library that requires sandbox, as it by design allows for code injection. The library used for this sandbox so far has been vm2, but in light of several past vulnerabilities and...

9.9CVSS9AI score0.01888EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/22 1:29 p.m.8 views

CVE-2023-35926 Insecure sandbox in Backstage Scaffolder plugin

Backstage is an open platform for building developer portals. The Backstage scaffolder-backend plugin uses a templating library that requires sandbox, as it by design allows for code injection. The library used for this sandbox so far has been vm2, but in light of several past vulnerabilities and...

8CVSS8AI score0.01888EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/21 12:0 a.m.4 views

PT-2023-25385 · Npm · @Backstage/Plugin-Scaffolder-Backend

Name of the Vulnerable Software and Affected Versions: @backstage/plugin-scaffolder-backend versions prior to 1.15.0 Description: The Backstage scaffolder-backend plugin uses a templating library that requires a sandbox, allowing for code injection. A malicious actor with write access to a...

9.9CVSS9.8AI score0.01888EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2022/06/17 1:11 a.m.9 views

@backstage/plugin-techdocs (>=0.0.0-nightly-2021242250 <=0.0.0-nightly-2020112923923), @backstage/plugin-techdocs-backend (>=0.0.0-nightly-2021112332 <=0.14.1) +1 more potentially affected by unknown CVE via @backstage/techdocs-common (>=0.0.0-nightly-20220923026 <=0.11.15)

@backstage/techdocs-common NPM version =0.0.0-nightly-20220923026, =0.0.0-nightly-2021242250, =0.0.0-nightly-2021112332, =0.0.0-nightly-2022122206, =0.8.16 Source cves: unknown CVE Source advisory: OSV:GHSA-4JQC-JVH2-PXG9...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/06/17 1:11 a.m.6 views

@backstage-community/plugin-techdocs-backend-module-confluence (>=0.2.0 <=0.2.1), @backstage/plugin-search-backend-module-techdocs (>=0.0.0-nightly-20230323021924 <=0.4.15-next.0) +13 more potentially affected by unknown CVE via @backstage/plugin-techdocs-node (>=0.0.0-nightly-20220315022536 <=1.1.2-next.2)

@backstage/plugin-techdocs-node NPM version =0.0.0-nightly-20220315022536, =0.2.0, =0.0.0-nightly-20230323021924, =0.0.0-nightly-202111212297, =0.0.0-nightly-20220305022735, =1.0.0, =1.0.1, =1.6.0, =0.0.4, =1.9.1, =1.0.1, =1.0.1, =0.0.0-nightly-2022122206, =0.1.5, =0.1.2, =1.1.0 Source cves:...

5.7AI score
Exploits0
Veracode
Veracode
added 2021/12/02 4:40 a.m.13 views

Remote Code Execution (RCE)

@backstage/plugin-scaffolder-backend is vulnerable to remote code execution attacks. A malicious user with write access to a registered scaffolder template could manipulate the template...

2.6AI score
Exploits0
Github Security Blog
Github Security Blog
added 2021/12/01 6:29 p.m.37 views

Cross-Site Scripting vulnerability in @backstage/plugin-auth-backend

Impact This vulnerability allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other secrets from the user's browser. The default CSP does prevent this attack, but i...

7.4CVSS2.6AI score0.00656EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/12/01 6:29 p.m.16 views

RCE vulnerability affecting v1beta3 templates in @backstage/plugin-scaffolder-backend

The templating library used by the scaffolder backend assumes that templates are trusted which is an undesired property of the scaffolder-backend. This has now been mitigated by sandboxing the template code execution. Impact A malicious actor with write access to a registered scaffolder template...

1.4AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2021/12/01 6:28 p.m.46 views

Path Traversal in @backstage/plugin-scaffolder-backend

Impact A malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend host instance. This vulnerability can in some situation also be exploited through user input when executing a...

8.5CVSS2.3AI score0.01206EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/11/29 7:20 p.m.30 views

CVE-2021-43783 Path Traversal in @backstage/plugin-scaffolder-backend

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend...

8.5CVSS8.5AI score0.01206EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/26 6:15 p.m.58 views

CVE-2021-43776 XSS vulnerability in @backstage/plugin-auth-backend

Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other...

7.4CVSS7.2AI score0.00656EPSS
Exploits0References2
NVD
NVD
added 2021/10/18 9:15 p.m.31 views

CVE-2021-41151

Backstage is an open platform for building developer portals. In affected versions A malicious actor could read sensitive files from the environment where Scaffolder Tasks are run. The attack is executed by crafting a custom Scaffolder template with a github:publish:pull-request action and a...

6.8CVSS0.01273EPSS
Exploits0References2
Rows per page
Query Builder