27 matches found
CVE-2026-32237
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
Symlink Attack
Overview @backstage/plugin-scaffolder-backend is a The Backstage backend plugin that helps you create new things Affected versions of this package are vulnerable to Symlink Attack via multiple actions, including debug:log, fs:delete, and archive extraction. A user who create and execute Scaffolde...
@alithya-oss/backstage-plugin-scaffolder-backend-module-aws-apps (>=0.3.10 <=0.3.12), @alithya-oss/plugin-scaffolder-backend-module-aws-apps (>=0.3.6 <=0.3.9) +55 more potentially affected by CVE-2026-24046 via @backstage/plugin-scaffolder-backend (>=0.0.0-nightly-20220708025041 <=1.33.0)
@backstage/plugin-scaffolder-backend NPM version =0.0.0-nightly-20220708025041, =0.3.10, =0.3.6, =0.1.0, =0.4.0, =0.0.0-nightly-2021712211, =0.0.0-nightly-20230325022054, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-20230112022659, =0.0.0-nightly-2022122206, =0.4.3, =0.4.7...
@backstage-community/plugin-scaffolder-backend-module-amplication (=0.4.0), @backstage-community/plugin-scaffolder-backend-module-annotator (=2.9.0) +33 more potentially affected by CVE-2026-24046 via @backstage/plugin-scaffolder-node (>=0.0.0-nightly-20240929023448 <=0.11.1-next.0)
@backstage/plugin-scaffolder-node NPM version =0.0.0-nightly-20240929023448, =2.8.0, =0.0.0-nightly-20240116021644, =0.0.0-nightly-2022122206, =0.0.0-nightly-20231213021616, =0.0.0-nightly-20231213021616, =0.3.14-next.0 and more...
@backstage-community/plugin-scaffolder-backend-module-amplication (=0.4.0), @backstage-community/plugin-scaffolder-backend-module-annotator (=2.9.0) +33 more potentially affected by CVE-2026-24046 via @backstage/plugin-scaffolder-node (>=0.0.0-nightly-20240929023448 <=0.11.1-next.0)
@backstage/plugin-scaffolder-node NPM version =0.0.0-nightly-20240929023448, =2.8.0, =0.0.0-nightly-20240116021644, =0.0.0-nightly-2022122206, =0.0.0-nightly-20231213021616, =0.0.0-nightly-20231213021616, =0.3.14-next.0 and more...
CVE-2026-24046 Backstage has a Possible Symlink Path Traversal in Scaffolder Actions
Backstage is an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files vi...
EUVD-2024-3501
Malicious code in bioql PyPI...
CVE-2025-55285
@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If $ secrets.x is not passed...
CVE-2025-55285 @backstage/plugin-scaffolder-backend Template Secret Leakage in Logs in Scaffolder When Using `fetch:template`
@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If $ secrets.x is not passed...
CVE-2025-55285
The CVE-2025-55285 issue affects the Backstage scaffolder-backend plugin. Before version 2.1.1, the fetch:template action could duplicate the input log path, causing some secrets passed via the {{ secrets }} bag to be written to logs instead of being redacted. Affected product: @backstage/plugin-...
CVE-2024-53983
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...
CVE-2025-32791
The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability in the Backstage permission plugin backend allows callers to extract some information about the conditional decisions returned by the permission policy installed in the permission...
CVE-2025-32791
The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability in the Backstage permission plugin backend allows callers to extract some information about the conditional decisions returned by the permission policy installed in the permission...
@alithya-oss/backstage-plugin-scaffolder-backend-module-aws-apps (>=0.3.10 <=0.3.12), @alithya-oss/plugin-scaffolder-backend-module-aws-apps (>=0.3.6 <=0.3.9) +106 more potentially affected by CVE-2024-53983 via @backstage/plugin-scaffolder-node (>=0.0.0-nightly-20240929023448 <=0.3.3)
@backstage/plugin-scaffolder-node NPM version =0.0.0-nightly-20240929023448, =0.3.10, =0.3.6, =0.5.0, =0.1.0, =0.4.0, =0.4.0, =0.5.0, =0.5.0, =2.1.0, =0.4.0, =2.9.0, =0.12.0, =0.4.0, =0.5.0, =0.14.0 and more Source cves: CVE-202...
GHSA-QMC2-JPR5-7RG9 Backstage Scaffolder plugin vulnerable to Server-Side Request Forgery
Impact A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an attacker to capture privileged git tokens used by the Backstage Scaffolder plugin. With these...
CVE-2024-53983
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...
CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...