pkg:npm/@backstage/plugin-scaffolder-backend

共 7 筆 CVEHIGH3MEDIUM2LOW2

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.5CVE-2021-43783Path Traversal in @backstage/plugin-scaffolder-backend
    from 0, < 0.15.14
  • HIGH8.0CVE-2023-35926Backstage Scaffolder plugin has insecure sandbox
    from 0, < 1.15.0
  • HIGH7.1CVE-2026-24046Backstage has a Possible Symlink Path Traversal in Scaffolder Actions
    from 0, < 2.2.2
  • MEDIUM6.8CVE-2021-41151Path Traversal in @backstage/plugin-scaffolder-backend
    >= 0.9.4, < 0.15.9
  • MEDIUM4.4CVE-2026-32237@backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
    >= 3.1.0, < 3.1.5
  • LOW2.6CVE-2025-55285Template Secret leakage in logs in Scaffolder when using `fetch:template`
    from 0, < 2.1.1
  • LOW2.0CVE-2026-29184@backstage/plugin-scaffolder-backend Vulnerable to Potential Session Token Exfiltration via Log Redaction Bypass
    from 0, < 3.1.4