{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-55285", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-08-12T16:15:30.236Z", "datePublished": "2025-08-15T17:10:26.735Z", "dateUpdated": "2025-08-15T17:49:24.677Z"}, "containers": {"cna": {"title": "@backstage/plugin-scaffolder-backend Template Secret Leakage in Logs in Scaffolder When Using `fetch:template`", "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "lang": "en", "description": "CWE-532: Insertion of Sensitive Information into Log File", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/backstage/backstage/security/advisories/GHSA-3x3q-ghcp-whf7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/backstage/backstage/security/advisories/GHSA-3x3q-ghcp-whf7"}, {"name": "https://github.com/backstage/backstage/commit/c371f6fe12371de31dca537510e6653e287cdc2e", "tags": ["x_refsource_MISC"], "url": "https://github.com/backstage/backstage/commit/c371f6fe12371de31dca537510e6653e287cdc2e"}], "affected": [{"vendor": "backstage", "product": "backstage", "versions": [{"version": "< 2.1.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-15T17:10:26.735Z"}, "descriptions": [{"lang": "en", "value": "@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If ${{ secrets.x }} is not passed through to fetch:template there is no impact. This issue has been resolved in 2.1.1 of the scaffolder-backend plugin. A workaround for this issue involves Template Authors removing the use of ${{ secrets }} being used as an argument to fetch:template."}], "source": {"advisory": "GHSA-3x3q-ghcp-whf7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-15T17:49:07.268161Z", "id": "CVE-2025-55285", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-15T17:49:24.677Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-55285", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-15T17:49:07.268161Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-15T17:49:19.543Z"}}], "cna": {"title": "@backstage/plugin-scaffolder-backend Template Secret Leakage in Logs in Scaffolder When Using `fetch:template`", "source": {"advisory": "GHSA-3x3q-ghcp-whf7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 2.6, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "backstage", "product": "backstage", "versions": [{"status": "affected", "version": "< 2.1.1"}]}], "references": [{"url": "https://github.com/backstage/backstage/security/advisories/GHSA-3x3q-ghcp-whf7", "name": "https://github.com/backstage/backstage/security/advisories/GHSA-3x3q-ghcp-whf7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/backstage/backstage/commit/c371f6fe12371de31dca537510e6653e287cdc2e", "name": "https://github.com/backstage/backstage/commit/c371f6fe12371de31dca537510e6653e287cdc2e", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If ${{ secrets.x }} is not passed through to fetch:template there is no impact. This issue has been resolved in 2.1.1 of the scaffolder-backend plugin. A workaround for this issue involves Template Authors removing the use of ${{ secrets }} being used as an argument to fetch:template."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-15T17:10:26.735Z"}}}, "cveMetadata": {"cveId": "CVE-2025-55285", "state": "PUBLISHED", "dateUpdated": "2025-08-15T17:49:24.677Z", "dateReserved": "2025-08-12T16:15:30.236Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-08-15T17:10:26.735Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If ${{ secrets.x }} is not passed through to fetch:template there is no impact. This issue has been resolved in 2.1.1 of the scaffolder-backend plugin. A workaround for this issue involves Template Authors removing the use of ${{ secrets }} being used as an argument to fetch:template."}, {"lang": "es", "value": "@backstage/plugin-scaffolder-backend es el backend para las plantillas predeterminadas del software Backstage. Antes de la versi\u00f3n 2.1.1, el registro duplicado de los valores de entrada en la acci\u00f3n fetch:template del Scaffolder provocaba que algunos secretos no se redactaran correctamente. Si ${{ secrets.x }} no se pasa a fetch:template, no hay impacto. Este problema se ha resuelto en la versi\u00f3n 2.1.1 del complemento scaffolder-backend. Una soluci\u00f3n alternativa consiste en que los autores de plantillas eliminen el uso de ${{ secrets }} como argumento para fetch:template."}], "id": "CVE-2025-55285", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-08-15T18:15:27.943", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/backstage/backstage/commit/c371f6fe12371de31dca537510e6653e287cdc2e"}, {"source": "security-advisories@github.com", "url": "https://github.com/backstage/backstage/security/advisories/GHSA-3x3q-ghcp-whf7"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "@backstage/plugin-scaffolder-backend: @backstage/plugin-scaffolder-backend Template Secret Leakage in Logs", "id": "2388819", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388819"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-532", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-55285", "package_state": [{"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-backstage-plugins-eventmesh-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Fix deferred", "package_name": "rhdh/rhdh-hub-rhel9", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Fix deferred", "package_name": "rhdh/rhdh-rhel9-operator", "product_name": "Red Hat Developer Hub"}], "public_date": "2025-08-15T17:10:26Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-55285\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-55285\nhttps://github.com/backstage/backstage/commit/c371f6fe12371de31dca537510e6653e287cdc2e\nhttps://github.com/backstage/backstage/security/advisories/GHSA-3x3q-ghcp-whf7"], "threat_severity": "Low"}

{"created": "2025-08-16T21:40:38.721035+00:00", "updated": "2025-08-16T21:40:38.721093+00:00", "vendors": ["backstage", "backstage$PRODUCT$backstage"]}