1.11.4
4 years ago
5 days ago
Known vulnerabilities in the @backstage/plugin-techdocs-backend package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
@backstage/plugin-techdocs-backend is a The Backstage backend plugin that renders technical documentation for your components Affected versions of this package are vulnerable to Protection Mechanism Failure in the TechDocs content. The victim's browser will be executed when browsing documentation or navigating to an attacker-provided link. Note: This is only exploitable if the attacker has control of the contents of the TechDocs storage buckets How to fix Protection Mechanism Failure? Upgrade | <1.10.13 |
@backstage/plugin-techdocs-backend is a The Backstage backend plugin that renders technical documentation for your components Affected versions of this package are vulnerable to Relative Path Traversal when using the AWS S3 or GCS storage provider for TechDocs. How to fix Relative Path Traversal? Upgrade | <1.10.13 |