Localstack: Security Vulnerabilities
Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.
CVSS Score
7.4
EPSS Score
0.001
Published
2023-11-16
The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-05-07
A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-05-07