4 matches found
@backstage/plugin-search-backend-module-techdocs (>=0.0.0-nightly-20230323021924 <=0.4.9-next.1), @backstage/plugin-techdocs-backend (>=0.0.0-nightly-20220305022735 <=2.1.4-next.2) +2 more potentially affected by CVE-2026-25152 via @backstage/plugin-techdocs-node (>=0.0.0-nightly-20220315022536 <=1.13.11-next.0)
@backstage/plugin-techdocs-node NPM version =0.0.0-nightly-20220315022536, =0.0.0-nightly-20230323021924, =0.0.0-nightly-20220305022735, =0.0.0-nightly-20220305022735, =0.0.0-nightly-20220305022735, =1.10.4-next.2 Source cves: CVE-2026-25152 Source advisory: OSV:GHSA-W669-JJ7H-88M9...
CVE-2026-25152
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, a path traversal vulnerability in the TechDocs local generator allow...
CVE-2026-25152
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, a path traversal vulnerability in the TechDocs local generator allow...
@backstage/plugin-search-backend-module-techdocs (>=0.4.9-next.0 <=0.4.9-next.1), @backstage/plugin-techdocs-backend (>=0.0.0-nightly-20251222025103 <=2.1.4-next.2) +2 more potentially affected by CVE-2026-25152 via @backstage/plugin-techdocs-node (>=1.0.0 <=1.13.11-next.0)
@backstage/plugin-techdocs-node NPM version =1.0.0, =0.4.9-next.0, =0.0.0-nightly-20251222025103, =0.11.13, =0.0.0-nightly-20241120023536, =1.10.4-next.2 Source cves: CVE-2026-25152 Source advisory: SNYK:JS-BACKSTAGEPLUGINTECHDOCSNODE-15166605...