← Back

Localstack

localstack

Vendor: Localstack • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-48054
1Localstack
1Localstack
Nov 21, 2024
Nov 16, 2023
N/A· v4
7.4 HIGH· v3
N/A· v2
Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.
CVE-2021-32091
1Localstack
1Localstack
Nov 21, 2024
May 7, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6.
CVE-2021-32090
1Localstack
1Localstack
Nov 21, 2024
May 7, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter.