CVE-2024-26150
8.7
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Summary
@backstage/backend-common is a common functionality library for backends for Backstage, an open platform for building developer portals. In @backstage/backend-common prior to versions 0.21.1, 0.20.2, and 0.19.10, paths checks with the resolveSafeChildPath utility were not exhaustive enough, leading to risk of path traversal vulnerabilities if symlinks can be injected by attackers. This issue is patched in @backstage/backend-common versions 0.21.1, 0.20.2, and 0.19.10.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| backstage | backstage | = 0.21.0 | affected |
| backstage | backstage | < 0.19.10 | affected |
| backstage | backstage | >= 0.20.0, < 0.20.2 | affected |
Weaknesses
- CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://github.com/backstage/backstage/security/advisories/GHSA-2fc9-xpp8-2g9h
- https://github.com/backstage/backstage/commit/1ad2b1b61ebb430051f7d804b0cc7ebfe7922b6f
- https://github.com/backstage/backstage/commit/78f892b3a84d63de2ba167928f171154c447b717
- https://github.com/backstage/backstage/commit/edf65d7d31e027599c2415f597d085ee84807871
References
- https://github.com/backstage/backstage/security/advisories/GHSA-2fc9-xpp8-2g9h
- https://github.com/backstage/backstage/commit/1ad2b1b61ebb430051f7d804b0cc7ebfe7922b6f
- https://github.com/backstage/backstage/commit/78f892b3a84d63de2ba167928f171154c447b717
- https://github.com/backstage/backstage/commit/edf65d7d31e027599c2415f597d085ee84807871
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.