
37 matches found

RedhatCVE
added 2026/03/12 11:23 p.m. | 5 views

CVE-2026-32237

A data exposure flaw has been discovered in the @backstage/plugin-scaffolder-backend npm library. Authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log outp...

6.5 CVSS | 5.7 AI score | 0.00037 EPSS
Exploits: 0 | References: 5

ATTACKERKB
added 2026/03/12 6:38 p.m. | 1 view

CVE-2026-32237

Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...

4.4 CVSS | 5.9 AI score | 0.00037 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2026/03/12 6:38 p.m. | 27 views

CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint

Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...

4.4 CVSS | 0.00037 EPSS
Exploits: 0 | References: 2

Vulnrichment
added 2026/03/12 6:38 p.m. | 1 view

CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint

Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...

4.4 CVSS | 5.9 AI score | 0.00037 EPSS
Exploits: 0 | References: 2

CVE
added 2026/03/12 6:38 p.m. | 4 views

CVE-2026-32237

Backstage vulnerability CVE-2026-32237 affects the @backstage/plugin-scaffolder-backend prior to 3.1.5. Authenticated users with permission to run scaffolder dry-runs can access server-configured environment secrets via the dry-run API response; secrets are redacted in logs but not in all respons...

6.5 CVSS | 5.9 AI score | 0.00037 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2026/03/12 6:38 p.m. | 1 view

CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint

Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...

4.4 CVSS | 5.9 AI score | 0.00037 EPSS
Exploits: 0 | References: 4

Snyk
added 2026/03/12 2:51 p.m. | 2 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview: @backstage/plugin-scaffolder-backend is a Backstage backend plugin that helps you create new things. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the dry-run endpoint when secrets configured in...

6.5 CVSS | 5.9 AI score | 0.00037 EPSS
Exploits: 0 | References: 2

CVE
added 2026/03/07 3:3 p.m. | 7 views

CVE-2026-29184

Summary: CVE-2026-29184 affects Backstage, specifically the @backstage/plugin-scaffolder-backend. Before version 3.1.4, a malicious scaffolder template can bypass the log redaction mechanism, enabling exfiltration of secrets from task event logs. The issue is addressed in version 3.1.4. What is a...

6.5 CVSS | 5.7 AI score | 0.0001 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

vulnersOsv
added 2026/03/05 12:23 a.m. | 3 views

@mrackoa/backstage-plugin-scaffolder-backend-module-slack (>=4.0.0 <=5.0.0), @red-hat-developer-hub/backstage-plugin-orchestrator-backend (>=8.4.0 <=8.6.7) potentially affected by CVE-2026-29184 via @backstage/plugin-scaffolder-backend (=3.0.3)

@backstage/plugin-scaffolder-backend NPM version =3.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on @backstage/plugin-scaffolder-backend and may be impacted: - @mrackoa/backstage-plugin-scaffolder-backend-module-slack =4.0.0, =8.4.0, =8.6.7 Source...

6.5 CVSS | 5.8 AI score | 0.0001 EPSS
Exploits: 0

OSV
added 2026/03/05 12:23 a.m. | 2 views

GHSA-8QP7-FHR9-FW53 @backstage/plugin-scaffolder-backend Vulnerable to Potential Session Token Exfiltration via Log Redaction Bypass

Impact: A malicious scaffolder template can bypass the log redaction mechanism to exfiltrate secrets provided run through task event logs. The attack requires: - The ability to register a template in the catalog - A victim who executes the malicious template. Patches: Patched in...

2 CVSS | 5.9 AI score | 0.0001 EPSS
Exploits: 0 | References: 5

Snyk
added 2026/03/05 12:23 a.m. | 3 views

Insertion of Sensitive Information into Log File

Overview: @backstage/plugin-scaffolder-backend is a Backstage backend plugin that helps you create new things. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the log redaction mechanism in task event logs. An attacker can access sensitiv...

2 CVSS | 5.8 AI score | 0.0001 EPSS
Exploits: 0 | References: 2

GitHub Security Blog
added 2026/03/05 12:23 a.m. | 6 views

@backstage/plugin-scaffolder-backend Vulnerable to Potential Session Token Exfiltration via Log Redaction Bypass

Impact: A malicious scaffolder template can bypass the log redaction mechanism to exfiltrate secrets provided run through task event logs. The attack requires: - The ability to register a template in the catalog - A victim who executes the malicious template. Patches: Patched in...

6.5 CVSS | 5.9 AI score | 0.0001 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

Snyk
added 2026/01/21 10:36 p.m. | 4 views

Symlink Attack

Overview: @backstage/plugin-scaffolder-backend is a Backstage backend plugin that helps you create new things. Affected versions of this package are vulnerable to Symlink Attack via multiple actions, including debug:log, fs:delete, and archive extraction. A user who create and execute Scaffolde...

9.9 CVSS | 5.8 AI score | 0.00022 EPSS
Exploits: 0 | References: 3

vulnersOsv
added 2026/01/21 10:36 p.m. | 5 views

@alithya-oss/backstage-plugin-scaffolder-backend-module-aws-apps (>=0.3.10 <=0.3.12), @alithya-oss/plugin-scaffolder-backend-module-aws-apps (>=0.3.6 <=0.3.9) +58 more potentially affected by CVE-2026-24046 via @backstage/plugin-scaffolder-backend (>=0.0.0-nightly-20220708025041 <=1.33.0)

@backstage/plugin-scaffolder-backend NPM version =0.0.0-nightly-20220708025041, =0.3.10, =0.3.6, =0.1.0, =0.4.0, =0.0.0-nightly-2021712211, =0.0.0-nightly-20230325022054, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-20230112022659, =0.0.0-nightly-2022122206, =0.4.3, =1.1.2...

7.1 CVSS | 5.8 AI score | 0.00022 EPSS
Exploits: 0

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-25046

Malicious code in bioql PyPI...

2.6 CVSS | 6.3 AI score | 0.00053 EPSS
Exploits: 0 | References: 3

Veracode
added 2025/09/05 9:58 a.m. | 3 views

Sensitive Information Disclosure

@backstage/plugin-scaffolder-backend is vulnerable to Sensitive Information Disclosure. The vulnerability is due to duplicate logging of input values in the fetch:template action, which could expose sensitive data if ${{ secrets.x }} is used as an argument...

2.6 CVSS | 6.8 AI score | 0.00053 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2025/08/15 6:43 p.m. | 2 views

GHSA-3X3Q-GHCP-WHF7 Template Secret leakage in logs in Scaffolder when using `fetch:template`

A logging flaw in Backstage Scaffolder’s fetch:template action up to @backstage/plugin-scaffolder-backend 2.1.0 may write template secrets to logs. The action emitted a duplicate, pre-redaction copy of input parameters, so values provided via the secrets bag could appear in local/server logs when...

2.6 CVSS | 6.5 AI score | 0.00053 EPSS
Exploits: 0 | References: 4

Snyk
added 2025/08/15 6:43 p.m. | 1 view

Insertion of Sensitive Information into Log File

Overview: @backstage/plugin-scaffolder-backend is a Backstage backend plugin that helps you create new things. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the fetch:template action, which duplicates logging of the input values. An...

2.6 CVSS | 6.7 AI score | 0.00053 EPSS
Exploits: 0 | References: 2

NVD
added 2025/08/15 6:15 p.m. | 3 views

CVE-2025-55285

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If ${{ secrets.x }} is not passed...

2.6 CVSS | 0.00053 EPSS
Exploits: 0 | References: 2

CVE
added 2025/08/15 5:10 p.m. | 32 views

CVE-2025-55285

The CVE-2025-55285 issue affects the Backstage scaffolder-backend plugin. Before version 2.1.1, the fetch:template action could duplicate the input log path, causing some secrets passed via the {{ secrets }} bag to be written to logs instead of being redacted. Affected product: @backstage/plugin-...

2.6 CVSS | 6.5 AI score | 0.00053 EPSS
Exploits: 0 | References: 2