Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.
Selected category
4 Dec 2024
DevOps
Backstage: SSTI Vulnerability in Backstage Scaffolder Plugin
In Backstage Scaffolder Plugin versions prior to 0.4.12, from 0.5.0 before 0.5.1 and from 0.6.0 before 0.6.1 a medium severity vulnerability CVE-2024-53983 was detected. This vulnerability allows attackers to exploit Server-Side Template Injection (SSTI) to perform Git config injection, enabling the capture of privileged Git tokens and unauthorized access to sensitive resources. To address this issue, users must upgrade to versions 0.4.12, 0.5.1 or 0.6.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-53983.
Read more Backup and Recovery