Path traversal vulnerabilities in @backstage/backend-common prior to versions 0.21.1, 0.20.2, and 0.19.10
CVE-2024-26150

7.5 HIGH

Key Information:

Vendor: Backstage
Status: Vendor
CVE Published: 23 February 2024

What is CVE-2024-26150?

@backstage/backend-common is a shared library used in Backstage, an open platform for building developer portals. Prior to versions 0.21.1, 0.20.2, and 0.19.10, the library's resolveSafeChildPath utility performed insufficient path checks. This left it open to path traversal, specifically when an attacker could inject symbolic links into the checked directory tree. Users of the affected versions should apply the available patches to mitigate this issue.

Affected Version(s)

backstage = 0.21.0

backstage < 0.19.10

backstage >= 0.20.0, < 0.20.2

References

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
