7 matches found

Snyk
added 2026/03/26 6:50 p.m., 0 views

Prototype Pollution

Overview: convict is a package that expands on the standard pattern of configuring node.js applications in a way that is more robust and accessible to collaborators, who may have less interest in digging through imperative code in order to inspect or modify settings. By introducing a configuration...

9.4 CVSS, 6.5 AI score
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2024-3111

Malicious code in bioql PyPI...

5.8 CVSS, 5.9 AI score, 0.00188 EPSS
Exploits: 0, References: 4

Veracode
added 2024/10/08 1:3 p.m., 5 views

Expected Behavior Violation

@backstage/plugin-app-backend is vulnerable to Expected Behavior Violation. The vulnerability is due to the handling of APP_CONFIG_ environment variables, which ignores the visibility defined in the configuration schema. Note: This was an intended feature of the APP_CONFIG_ way of supplying...

5.8 CVSS, 6.6 AI score, 0.00188 EPSS
Exploits: 0, References: 2, Affected Software: 1

RedhatCVE
added 2024/10/03 8:56 p.m., 11 views

CVE-2024-47762

A flaw was found in the backstage/plugin-app-backend package. Configurations supplied through APP_CONFIG_ environment variables unexpectedly ignore the visibility defined in the configuration schema, potentially exposing sensitive configuration details intended to remain private or restricted to...

5.8 CVSS, 6.4 AI score, 0.00188 EPSS
Exploits: 0, References: 5

NVD
added 2024/10/03 6:15 p.m., 9 views

CVE-2024-47762

Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_ environment variables, for example APP_CONFIG_backend_listen_port=7007, was unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema...

5.8 CVSS, 0.00188 EPSS
Exploits: 0, References: 2

OSV
added 2024/10/03 5:14 p.m., 9 views

CVE-2024-47762 Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_ environment variables, for example APP_CONFIG_backend_listen_port=7007, was unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema...

5.8 CVSS, 5.7 AI score, 0.00188 EPSS
Exploits: 0, References: 4

Github Security Blog
added 2024/10/03 4:51 p.m., 13 views

Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Impact: Configuration supplied through APP_CONFIG_ environment variables, for example APP_CONFIG_backend_listen_port=7007, was unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema specified that they should have backend or secret...

5.8 CVSS, 6.6 AI score, 0.00188 EPSS
Exploits: 0, References: 4, Affected Software: 1