@backstage/plugin-scaffolder-backend@0.5.1 vulnerabilities

@backstage/plugin-scaffolder-backend is a The Backstage backend plugin that helps you create new things

Affected versions of this package are vulnerable to Arbitrary Code Injection due to the usage of insecure sandbox plugin. Exploiting this vulnerability is possible by an attacker with write access to a registered scaffolder template, and it allows manipulation of the template in a way that allows remote code execution.

Note: This was only exploitable in the template YAML definition itself and not by user input data.

Upgrade @backstage/plugin-scaffolder-backend to version 1.15.0 or higher.

@backstage/plugin-scaffolder-backend is a The Backstage backend plugin that helps you create new things

Affected versions of this package are vulnerable to Remote Code Execution (RCE). The templating library used in this package assumes that templates based on nunjucks are trusted, which is considered as an undesired property.

###Note: This is only exploitable in the template yaml definition itself and not by user input data.

Upgrade @backstage/plugin-scaffolder-backend to version 0.15.14 or higher.

@backstage/plugin-scaffolder-backend is a The Backstage backend plugin that helps you create new things

Affected versions of this package are vulnerable to Directory Traversal. When a malicious actor has write access to a registered scaffolder template, it is possible to manipulate the template in a way that writes files to arbitrary paths on the host. It is also possible to exploit this through user input when executing a template, without any write permissions. This method will not allow the attacker to control the contents of the injected file however, unless the template is also crafted in a specific way that gives control of the file contents.

Upgrade @backstage/plugin-scaffolder-backend to version 0.15.14 or higher.