CVE-2024-45816: 
JavaScript vulnerability analysis and mitigation

Backstage, an open framework for building developer portals, disclosed a directory traversal vulnerability (CVE-2024-45816) affecting its TechDocs functionality. When using the AWS S3 or GCS storage provider for TechDocs, the vulnerability allows unauthorized access to content in the entire storage bucket. The issue was discovered and disclosed on September 17, 2024, affecting versions prior to 1.10.13 of the @backstage/plugin-techdocs-backend package (GitHub Advisory).

The vulnerability is classified as a path traversal issue (CWE-22/CWE-23) with a CVSS v3.1 base score of 6.5 (Medium), characterized by the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. This indicates that the vulnerability can be exploited over the network with low attack complexity, requires low privileges, and needs no user interaction. The vulnerability primarily impacts confidentiality, with no direct effect on integrity or availability (NVD).

The vulnerability enables unauthorized access to the entire storage bucket content when using AWS S3 or GCS storage providers for TechDocs. This can result in the exposure of sensitive information stored in the bucket that was not intended to be accessible. Additionally, the vulnerability allows attackers to bypass permission checks implemented in Backstage (GitHub Advisory).

The vulnerability has been patched in version 1.10.13 of the @backstage/plugin-techdocs-backend package. All users are advised to upgrade to this version or later. There are no known workarounds for this vulnerability (GitHub Advisory).