npm package
@backstage/backend-app-api
pkg:npm/%40backstage/backend-app-api
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-6944 | — | < 0.5.9-next.1 | 0.5.9-next.1 | Jan 4, 2024 | A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access |
- CVE-2023-6944Jan 4, 2024affected < 0.5.9-next.1fixed 0.5.9-next.1
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access