npm package
@backstage/plugin-catalog-backend-module-unprocessed
pkg:npm/%40backstage/plugin-catalog-backend-module-unprocessed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-44374 | Med | 4.3 | < 0.6.11 | 0.6.11 | May 14, 2026 | Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permission authorization checks. Any authenticated user can access unprocessed entity rec |
- affected < 0.6.11fixed 0.6.11
Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permission authorization checks. Any authenticated user can access unprocessed entity rec