Upgrade @backstage/techdocs-common to version 0.6.3 or higher.

ec2-metadata@1.7.1 vulnerabilities

An easy interface to query the EC2 metadata API, with caching.

2.14.0

7 years ago

4 months ago

Known vulnerabilities in the ec2-metadata package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Server-side request forgery (SSRF) ec2-metadata is an interface to query the EC2 metadata API (version 2), with caching. Affected versions of this package are vulnerable to Server-side request forgery (SSRF) due to using an insecure instance of Metadata Service. How to fix Server-side request forgery (SSRF)? Upgrade `ec2-metadata` to version 2.2.0 or higher.	[,2.2.0)