npm package
@backstage/plugin-catalog-unprocessed-entities
pkg:npm/%40backstage/plugin-catalog-unprocessed-entities
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-44374 | Med | 4.3 | < 0.2.30 | 0.2.30 | May 14, 2026 | Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permission authorization checks. Any authenticated user can access unprocessed entity rec |
- affected < 0.2.30fixed 0.2.30
Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permission authorization checks. Any authenticated user can access unprocessed entity rec