Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:50 p.m.6 views

CVE-2021-43783

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend...

8.5CVSS6.8AI score0.01206EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/12/01 6:28 p.m.11 views

@backstage/plugin-scaffolder-backend-module-confluence-to-markdown (>=0.0.0-nightly-20230325022054 <=0.0.0-nightly-20230801022410), @backstage/plugin-scaffolder-backend-module-cookiecutter (>=0.0.0-nightly-2022122206 <=0.1.0) +3 more potentially affected by CVE-2021-43783 via @backstage/plugin-scaffolder-backend (>=0.0.0-nightly-20220708025041 <=0.14.2)

@backstage/plugin-scaffolder-backend NPM version =0.0.0-nightly-20220708025041, =0.0.0-nightly-20230325022054, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-20230112022659, =0.0.0-nightly-2022122206, =0.0.0-nightly-20230123022600 Source cves: CVE-2021-43783 Source advisory:...

8.5CVSS7.2AI score0.01206EPSS
Exploits0
Circl
Circl
added 2021/11/29 10:33 p.m.7 views

CVE-2021-43783

creationtimestamp| type| source ---|---|--- 2021-11-29 22:33:31+00:00| seen| https://t.me/cibsecurity/33053...

8.5CVSS8AI score0.01206EPSS
Exploits0References1
NVD
NVD
added 2021/11/29 8:15 p.m.30 views

CVE-2021-43783

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend...

8.5CVSS0.01206EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/29 7:20 p.m.32 views

CVE-2021-43783 Path Traversal in @backstage/plugin-scaffolder-backend

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend...

8.5CVSS8.5AI score0.01206EPSS
Exploits0References2
CVE
CVE
added 2021/11/29 7:20 p.m.66 views

CVE-2021-43783

CVE-2021-43783 affects the Backstage scaffolder backend: in affected versions, a malicious actor with write access to a registered scaffolder template can manipulate the template to write files to arbitrary paths on the scaffolder-backend host. In some cases, exploitation is possible via user inp...

8.5CVSS8.3AI score0.01206EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder