Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal in @backstage/plugin-scaffolder-backend
Vulnerability Description
Backstage is an open platform for building developer portals. In affected versions A malicious actor could read sensitive files from the environment where Scaffolder Tasks are run. The attack is executed by crafting a custom Scaffolder template with a `github:publish:pull-request` action and a particular source path. When the template is executed the sensitive files would be included in the published pull request. This vulnerability is mitigated by the fact that an attacker would need access to create and register templates in the Backstage catalog, and that the attack is very visible given that the exfiltration happens via a pull request. The vulnerability is patched in the `0.15.9` release of `@backstage/plugin-scaffolder-backend`.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
backstage 路径遍历漏洞
Vulnerability Description
backstage是一个应用软件。后台是一个开放的平台,用于构建开发者门户 Backstage 存在路径遍历漏洞,该漏洞源于可以从运行 Scaffolder Tasks 的环境中读取敏感文件。 攻击是通过使用 `github:publish:pull-request` 操作和特定源路径制作自定义 Scaffolder 模板来执行的。 执行模板时,敏感文件将包含在已发布的拉取请求中。 由于攻击者需要访问权限才能在 Backstage 目录中创建和注册模板,并且由于通过拉取请求进行渗透,因此攻击非常明显,因此
CVSS Information
N/A
Vulnerability Type
N/A