Command injection in LocalStack
Critical severity
GitHub Reviewed
Published
Jun 18, 2021
to the GitHub Advisory Database
•
Updated Aug 25, 2023
Description
Published by the National Vulnerability Database
May 7, 2021
Reviewed
May 19, 2021
Published to the GitHub Advisory Database
Jun 18, 2021
Last updated
Aug 25, 2023
The dashboard component of StackLift LocalStack allows attackers to inject arbitrary shell commands via the functionName parameter.
References