4 matches found

RedhatCVE
added 2026/03/12 11:18 p.m., 2 views

CVE-2026-32236

A server side request forgery flaw has been discovered in the npm @backstage/plugin-auth-backend package. The CIMD metadata fetch validates the initial clientid hostname against private IP ranges but does not apply the same validation after HTTP redirects. The practical impact is limited. The...

5.6 AI score, 0.00047 EPSS
Exploits: 0, References: 5
NVD
added 2026/03/12 7:16 p.m., 0 views

CVE-2026-32236

Backstage is an open framework for building developer portals. Prior to 0.27.1, a Server-Side Request Forgery (SSRF) vulnerability exists in @backstage/plugin-auth-backend when auth.experimentalClientIdMetadataDocuments.enabled is set to true. The CIMD metadata fetch validates the initial clientid...

7.5 CVSS, 0.00047 EPSS
Exploits: 0, References: 2
Snyk
added 2026/03/12 2:50 p.m., 4 views

Open Redirect

Overview: @backstage/plugin-auth-backend is a Backstage backend plugin that handles authentication. Affected versions of this package are vulnerable to Open Redirect via the OAuth redirect URI validation bypass. An attacker can intercept authorization codes by crafting a redirect URI that bypass...

5.9 CVSS, 5.8 AI score, 0.00033 EPSS
Exploits: 0, References: 2
vulnersOsv
added 2021/12/01 6:29 p.m., 2 views

@backstage/plugin-auth-backend (>=0.0.0-nightly-20240122021809 <=0.24.5), @backstage/plugin-auth-backend-module-aws-alb-provider (>=0.0.0-nightly-20240126021148 <=0.4.16-next.0) +9 more potentially affected by CVE-2021-43776 via @backstage/plugin-auth-backend (>=0.0.0-nightly-20240929023448 <=0.4.10)

@backstage/plugin-auth-backend NPM version =0.0.0-nightly-20240929023448, =0.0.0-nightly-20240122021809, =0.0.0-nightly-20240126021148, =0.0.0-nightly-20240122021809, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =5.0.0-alpha.1, =1.0.0, =0.2.0, =1.0.0, =1.2.0...

7.4 CVSS, 6.7 AI score, 0.00311 EPSS
Exploits: 0