3 matches found
CVE-2024-45816
In Backstage, the vulnerability CVE-2024-45816 affects the techdocs-backend plugin when using AWS S3 or GCS storage providers. The root cause is directory traversal through TechDocs storage access, allowing an attacker to read content across the entire storage bucket and bypass Backstage permissi...
CVE-2024-45816 Storage bucket Directory Traversal in @backstage/plugin-techdocs-backend
Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks...
CVE-2024-45816 Storage bucket Directory Traversal in @backstage/plugin-techdocs-backend
Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks...