Backup and Recovery Archives - Proactive Insights and Support For Open-Source Applications

Selected category

Communication
- Communication
Communication and Collaboration
- Communication
Specialized Software
- Educational
- Graphic Design
Business and Enterprise Solutions
Project and Agile Management
- Project Management
- IT Business Management
Infrastructure and Network
DevOps
Data Management and Analytics

4 Dec 2024 DevOps

Backstage: SSTI Vulnerability in Backstage Scaffolder Plugin

In Backstage Scaffolder Plugin versions prior to 0.4.12, from 0.5.0 before 0.5.1 and from 0.6.0 before 0.6.1 a medium severity vulnerability CVE-2024-53983 was detected. This vulnerability allows attackers to exploit Server-Side Template Injection (SSTI) to perform Git config injection, enabling the capture of privileged Git tokens and unauthorized access to sensitive resources. To address this issue, users must upgrade to versions 0.4.12, 0.5.1 or 0.6.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-53983.