5 matches found
CVE-2025-32791 Permission policy information leakage in Backstage permission system
The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability in the Backstage permission plugin backend allows callers to extract some information about the conditional decisions returned by the permission policy installed in the permission...
CVE-2025-32791 Permission policy information leakage in Backstage permission system
The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability in the Backstage permission plugin backend allows callers to extract some information about the conditional decisions returned by the permission policy installed in the permission...
CVE-2025-32791
The CVE-2025-32791 relates to information leakage in the Backstage permission backend (Backstage permission plugin). Affected component: the permission backend’s handling of conditional decisions. Root cause (as described): callers can extract information about conditional decisions returned by t...
CVE-2025-32791 Permission policy information leakage in Backstage permission system
The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability in the Backstage permission plugin backend allows callers to extract some information about the conditional decisions returned by the permission policy installed in the permission...
GHSA-F8J4-P5CR-P777 Permission policy information leakage in Backstage permission system
Impact A vulnerability in the Backstage permission plugin backend allows callers to extract some information about the conditional decisions returned by the permission policy installed in the permission backend. If the permission system is not in use or if the installed permission policy does not...