Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-25153

Опубликовано: 30 янв. 2026
Источник: nvd
CVSS3: 7.7
CVSS3: 8.8
EPSS Низкий

Описание

Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who can submit or modify a repository's mkdocs.yml file can execute arbitrary Python code on the TechDocs build server via MkDocs hooks configuration. @backstage/plugin-techdocs-node versions 1.13.11 and 1.14.1 contain a fix. The fix introduces an allowlist of supported MkDocs configuration keys. Unsupported configuration keys (including hooks) are now removed from mkdocs.yml before running the generator, with a warning logged to indicate which keys were removed. Users of @techdocs/cli should also upgrade to the latest version, which includes the fixed @backstage/plugin-techdocs-node dependency. Some workarounds are available. Configure TechDocs with runIn: docker instead of `runIn:

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:linuxfoundation:backstage:*:*:*:*:*:*:*:*
Версия до 1.13.11 (исключая)
cpe:2.3:a:linuxfoundation:backstage:*:*:*:*:*:*:*:*
Версия от 1.14.0 (включая) до 1.14.1 (исключая)

EPSS

Процентиль: 6%
0.00023
Низкий

7.7 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

redhat логотип

CVE-2026-25153

CVSS3: 7.7
redhat
около 2 месяцев назад

Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with `runIn: local`, a malicious actor who can submit or modify a repository's `mkdocs.yml` file can execute arbitrary Python code on the TechDocs build server via MkDocs hooks configuration. @backstage/plugin-techdocs-node versions 1.13.11 and 1.14.1 contain a fix. The fix introduces an allowlist of supported MkDocs configuration keys. Unsupported configuration keys (including `hooks`) are now removed from `mkdocs.yml` before running the generator, with a warning logged to indicate which keys were removed. Users of `@techdocs/cli` should also upgrade to the latest version, which includes the fixed `@backstage/plugin-techdocs-node` dependency. Some workarounds are available. Configure TechDocs with `runIn: docker` instead of `runI...

github логотип

GHSA-6jr7-99pf-8vgf

CVSS3: 7.7
github
около 2 месяцев назад

@backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooks

EPSS

Процентиль: 6%
0.00023
Низкий

7.7 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-94