Vulnerabilidades em backstage
24 resultadosCVE-2023-35926HIGHInsecure sandbox in Backstage Scaffolder pluginEPSS 1.9%CVE-2021-32662MEDIUMTechDocs mkdocs.yml path traversalEPSS 1.3%CVE-2021-41151MEDIUMPath Traversal in @backstage/plugin-scaffolder-backendEPSS 1.3%CVE-2021-32660MEDIUMTechDocs content sanitization bypassEPSS 1.3%CVE-2021-32661MEDIUMTechDocs object element script injectionEPSS 1.2%CVE-2021-43783HIGHPath Traversal in @backstage/plugin-scaffolder-backendEPSS 1.2%CVE-2024-26150HIGH`@backstage/backend-common` vulnerable to path traversal through symlinksEPSS 0.8%CVE-2024-45816MEDIUMStorage bucket Directory Traversal in @backstage/plugin-techdocs-backendEPSS 0.7%CVE-2021-43776HIGHXSS vulnerability in @backstage/plugin-auth-backendEPSS 0.7%CVE-2024-45815MEDIUMPrototype pollution in @backstage/plugin-catalog-backendEPSS 0.5%CVE-2026-29186HIGH@backstage/plugin-techdocs-node: TechDocs Mkdocs Configuration Key Enables Arbitrary Code ExecutionEPSS 0.5%CVE-2023-25571MEDIUMBackstage has XSS Vulnerability in Software CatalogEPSS 0.5%CVE-2026-24047MEDIUM@backstage/cli-common has a possible `resolveSafeChildPath` Symlink Chain BypassEPSS 0.4%CVE-2026-24046HIGHBackstage has a Possible Symlink Path Traversal in Scaffolder ActionsEPSS 0.4%CVE-2026-25152MEDIUM@backstage/plugin-techdocs-node vulnerable to possible Path Traversal in TechDocs Local GeneratorEPSS 0.4%CVE-2024-53983MEDIUMServer-side request forgery in Backstage Scaffolder pluginEPSS 0.4%CVE-2024-47762MEDIUMUnexpected visibility of environment variable configurations in @backstage/plugin-app-backendEPSS 0.4%CVE-2026-25153HIGH@backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooksEPSS 0.4%CVE-2026-29185LOW@backstage/integration: Potential reading of SCM URLs using built in tokenEPSS 0.3%CVE-2024-46976MEDIUMCircumvention of cross site scripting Protection in @backstage/plugin-techdocs-backendEPSS 0.3%