Skip to content

@backstage/plugin-techdocs-backend storage bucket Directory Traversal vulnerability

Moderate severity GitHub Reviewed Published Sep 17, 2024 in backstage/backstage • Updated Sep 17, 2024

Package

npm @backstage/plugin-techdocs-backend (npm)

Affected versions

< 1.10.13

Patched versions

1.10.13

Description

Impact

When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks in Backstage.

Patches

This has been fixed in the 1.10.13 release of the @backstage/plugin-techdocs-backend package.

References

If you have any questions or comments about this advisory:

Open an issue in the Backstage repository
Visit our Discord, linked to in Backstage README

References

@Rugvip Rugvip published to backstage/backstage Sep 17, 2024
Published by the National Vulnerability Database Sep 17, 2024
Published to the GitHub Advisory Database Sep 17, 2024
Reviewed Sep 17, 2024
Last updated Sep 17, 2024

Severity

Moderate

EPSS score

0.050%
(20th percentile)

Weaknesses

CVE ID

CVE-2024-45816

GHSA ID

GHSA-39v3-f278-vj3g

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.