@backstage/core-components@0.12.1-next.1 vulnerabilities
Core components used by Backstage plugins and apps
-
latest version
0.15.1
-
latest non vulnerable version
-
first published
3 years ago
-
latest version published
24 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @backstage/core-components package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
@backstage/core-components is a Core components used by Backstage plugins and apps Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization, which allows an attacker with access to add or modify content in an instance of the backstage software to inject a malicious script via the URLs in the entities of the catalog. How to fix Cross-site Scripting (XSS)? Upgrade |
>=0.1.0 <0.12.4
|