📦 Backstage

This vulnerability allows attackers to execute arbitrary Python code on TechDocs build servers when configured with 'runIn: local'. Malicious actors who can modify a repository's mkdocs.yml file can e...

A path traversal vulnerability in Backstage's TechDocs local generator allows attackers to read arbitrary files from the host filesystem when processing documentation from untrusted sources. This affe...

This vulnerability in Backstage's TechDocs plugin allows attackers to access the entire AWS S3 or GCS storage bucket contents when using those providers, bypassing intended permission checks. This aff...