{"id":"CVE-2026-29185","summary":"@backstage/integration: Potential reading of SCM URLs using built-in token","details":"Backstage is an open framework for building developer portals. Prior to version 1.20.1 of the @backstage/integration package, a vulnerability in the SCM URL parsing used by Backstage integrations allowed encoded path traversal sequences to be included in file paths. When these URLs were processed by integration functions that construct API URLs, the traversal segments could redirect requests to unintended SCM provider API endpoints using the configured server-side integration credentials. This issue has been patched in version 1.20.1.","aliases":["GHSA-95v5-prp4-5gv5"],"modified":"2026-04-10T05:41:38.198685Z","published":"2026-03-07T15:02:04.986Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29185.json","cwe_ids":["CWE-22"],"cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29185.json"},{"type":"ADVISORY","url":"https://github.com/backstage/backstage/security/advisories/GHSA-95v5-prp4-5gv5"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29185"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/backstage/backstage","events":[{"introduced":"0"},{"fixed":"9473085f622fea246e26189e63f56b765c276488"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.20.1"}]}}],"versions":["cli-old-cache-watch","hackweek-demo","release-2021-01-07","release-2021-01-08","release-2021-01-09","release-2021-01-14","release-2021-01-14.1","release-2021-01-18","release-2021-01-20","release-2021-01-21","release-2021-01-21.1","release-2021-01-28","release-2021-01-29","release-2021-02-01","release-2021-02-03","release-2021-02-05","release-2021-02-11","release-2021-02-16","release-2021-02-18","release-2021-02-23","release-2021-03-04","release-2021-03-09","release-2021-03-11","release-2021-03-11.1","r
elease-2021-03-16","release-2021-03-17","release-2021-03-18","release-2021-03-19","release-2021-03-25","release-2021-03-31","release-2021-03-31.1","release-2021-04-08","release-2021-04-13","release-2021-04-15","release-2021-04-21","release-2021-04-22","release-2021-04-22.1","release-2021-04-29","release-2021-05-04","release-2021-05-06","release-2021-05-10","release-2021-05-11","release-2021-05-12","release-2021-05-12.1","release-2021-05-17","release-2021-05-20","release-2021-05-20.1","release-2021-05-27","release-2021-05-31","release-2021-06-01","release-2021-06-03","release-2021-06-10","release-2021-06-10.1","release-2021-06-17","release-2021-06-17.1","release-2021-06-18","release-2021-06-21","release-2021-06-21.1","release-2021-06-24","release-2021-06-28","release-2021-07-01","release-2021-07-07","release-2021-07-08","release-2021-07-14","release-2021-07-14.1","release-2021-07-15","release-2021-07-16","release-2021-07-22","release-2021-07-29","release-2021-08-03","release-2021-08-05","release-2021-08-11","release-2021-08-12","release-2021-08-17","release-2021-08-19","release-2021-08-20","release-2021-08-26","release-2021-08-31","release-2021-09-02","release-2021-09-09","release-2021-09-14","release-2021-09-16","release-2021-09-17","release-2021-09-21","release-2021-09-23","release-2021-09-28","release-2021-09-30","release-2021-1-7","release-2021-10-04","release-2021-10-06","release-2021-10-07","release-2021-10-11","release-2021-10-13","release-2021-10-14","release-2021-10-16","release-2021-10-19","release-2021-10-21","release-2021-10-22","release-2021-10-28","release-2021-10-29","release-2021-10-29.1","release-2021-11-08","release-2021-11-11","release-2021-11-11.1","release-2021-11-12","release-2021-11-17","release-2021-11-17.1","release-2021-11-18","release-2021-11-19","release-2021-11-25","release-2021-12-02","release-2021-12-07","release-2021-12-09","release-2021-12-10","release-2021-12-16","release-2021-12-23","release-2021-12-24","release-2021-12-30","release
-2022-01-04","release-2022-01-13","release-2022-01-18","release-2022-01-20","release-2022-01-20.1","release-2022-01-27","v0.1.0","v0.1.1","v0.1.1-alpha.0","v0.1.1-alpha.1","v0.1.1-alpha.10","v0.1.1-alpha.11","v0.1.1-alpha.12","v0.1.1-alpha.13","v0.1.1-alpha.15","v0.1.1-alpha.16","v0.1.1-alpha.17","v0.1.1-alpha.18","v0.1.1-alpha.19","v0.1.1-alpha.2","v0.1.1-alpha.20","v0.1.1-alpha.21","v0.1.1-alpha.22","v0.1.1-alpha.23","v0.1.1-alpha.24","v0.1.1-alpha.25","v0.1.1-alpha.26","v0.1.1-alpha.3","v0.1.1-alpha.4","v0.1.1-alpha.5","v0.1.1-alpha.6","v0.1.1-alpha.7","v0.1.1-alpha.8","v0.10.0","v0.11.0","v0.11.1","v0.11.2","v0.11.3","v0.12.0","v0.13.0","v0.13.1","v0.14.0","v0.15.0","v0.16.0","v0.16.1","v0.17.0","v0.17.1","v0.17.2","v0.17.3","v0.18.0","v0.18.1","v0.19.0","v0.2.0","v0.20.0","v0.20.1","v0.21.0","v0.21.1","v0.22.0","v0.22.1","v0.22.2","v0.23.0","v0.24.0","v0.24.1","v0.25.0","v0.25.1","v0.25.2","v0.25.3","v0.26.0","v0.26.1","v0.27.0","v0.28.0","v0.29.0","v0.29.1","v0.29.2","v0.3.0","v0.3.1","v0.3.2","v0.30.0","v0.30.1","v0.31.0","v0.32.0","v0.33.0","v0.33.1","v0.33.2","v0.33.3","v0.34.0","v0.34.1","v0.35.0","v0.35.1","v0.36.0","v0.36.1","v0.36.2","v0.37.0","v0.37.1","v0.38.0","v0.39.0","v0.39.1","v0.4.0","v0.4.1","v0.4.2","v0.4.3","v0.40.0","v0.40.1","v0.41.0","v0.41.1","v0.42.0","v0.43.0","v0.44.0","v0.44.1","v0.45.0","v0.46.0","v0.46.1","v0.47.0","v0.47.1","v0.47.2","v0.48.0","v0.48.1","v0.49.0","v0.5.0","v0.50.0","v0.50.1","v0.50.2","v0.51.0","v0.51.1","v0.51.2","v0.52.0","v0.52.1","v0.53.0","v0.53.1","v0.53.2","v0.53.3","v0.54.0","v0.54.1","v0.54.2","v0.54.3","v0.54.4","v0.55.0","v0.55.1","v0.56.0","v0.57.0","v0.57.1","v0.58.0","v0.58.1","v0.59.0","v0.6.0","v0.60.0","v0.60.1","v0.61.0","v0.62.0","v0.63.0","v0.63.1","v0.64.0","v0.64.1","v0.65.0","v0.66.0","v0.66.0-next.0","v0.66.0-next.1","v0.67.0","v0.67.0-next.0","v0.68.0","v0.69.0","v0.7.0","v0.70.0","v0.71.0","v0.71.0-next.0","v0.8.0","v0.8.1","v0.8.2","v0.9.0","v1.0.0","v1.1.0","v1.1.0-next.0","v1.1.0-next.1
","v1.1.0-next.2","v1.1.0-next.3","v1.10.0","v1.10.0-next.0","v1.10.0-next.1","v1.10.0-next.2","v1.11.0","v1.11.0-next.0","v1.11.0-next.1","v1.11.0-next.2","v1.12.0","v1.12.0-next.0","v1.12.0-next.1","v1.12.0-next.2","v1.13.0","v1.13.0-next.0","v1.13.0-next.1","v1.13.0-next.2","v1.13.0-next.3","v1.14.0","v1.14.0-next.0","v1.14.0-next.1","v1.14.0-next.2","v1.15.0","v1.15.0-next.0","v1.15.0-next.1","v1.15.0-next.2","v1.15.0-next.3","v1.16.0","v1.16.0-next.0","v1.16.0-next.1","v1.16.0-next.2","v1.17.0","v1.17.0-next.0","v1.17.0-next.1","v1.17.0-next.2","v1.18.0","v1.18.0-next.0","v1.18.0-next.1","v1.18.0-next.2","v1.18.0-next.3","v1.19.0","v1.19.0-next.0","v1.19.0-next.1","v1.19.0-next.2","v1.2.0","v1.2.0-next.0","v1.2.0-next.1","v1.2.0-next.2","v1.2.0-next.3","v1.20.0","v1.20.0-next.0","v1.20.0-next.1","v1.20.0-next.2","v1.3.0","v1.3.0-next.0","v1.3.0-next.1","v1.3.0-next.2","v1.4.0","v1.4.0-next.0","v1.4.0-next.1","v1.4.0-next.2","v1.4.0-next.3","v1.5.0","v1.5.0-next.0","v1.5.0-next.1","v1.5.0-next.2","v1.5.0-next.3","v1.6.0","v1.6.0-next.0","v1.6.0-next.1","v1.6.0-next.2","v1.6.0-next.3","v1.7.0","v1.7.0-next.0","v1.7.0-next.1","v1.7.0-next.2","v1.8.0","v1.8.0-next.0","v1.8.0-next.1","v1.8.0-next.2","v1.9.0","v1.9.0-next.0","v1.9.0-next.1","v1.9.0-next.2","v1.9.0-next.3","v1.9.0-next.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-29185.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"}]}