VulnerableCode Package Details - pkg:pypi/localstack@0.3.10

Search for packages

Vulnerability	Summary	Fixed by
VCID-7bbn-p22w-dqc5 Aliases: CVE-2023-48054 GHSA-8633-g3ph-97rp PYSEC-2023-243	Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.	3.0.0.post1 Affected by 0 other vulnerabilities.
VCID-g51t-twvs-b3d4 Aliases: CVE-2021-32090 GHSA-hpr6-f4vq-mxch PYSEC-2021-101	The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter.	0.12.6.1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.12.10 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-qrra-fj1x-kucf Aliases: CVE-2021-32091 GHSA-37m5-42qp-4qpr PYSEC-2021-102	A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6.	0.12.6.1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.12.11 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-7bbn-p22w-dqc5
Aliases:
CVE-2023-48054
GHSA-8633-g3ph-97rp
PYSEC-2023-243

Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.

3.0.0.post1
Affected by 0 other vulnerabilities.

VCID-g51t-twvs-b3d4
Aliases:
CVE-2021-32090
GHSA-hpr6-f4vq-mxch
PYSEC-2021-101

The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter.

0.12.6.1
Affected by 3 other vulnerabilities.

0.12.10
Affected by 2 other vulnerabilities.

VCID-qrra-fj1x-kucf
Aliases:
CVE-2021-32091
GHSA-37m5-42qp-4qpr
PYSEC-2021-102

A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6.

0.12.6.1
Affected by 3 other vulnerabilities.

0.12.11
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T09:30:28.121539+00:00	GHSA Importer	Affected by	VCID-7bbn-p22w-dqc5	https://github.com/advisories/GHSA-8633-g3ph-97rp	38.6.0
2026-06-13T08:31:04.264537+00:00	GHSA Importer	Affected by	VCID-qrra-fj1x-kucf	https://github.com/advisories/GHSA-37m5-42qp-4qpr	38.6.0
2026-06-13T08:31:03.686877+00:00	GHSA Importer	Affected by	VCID-g51t-twvs-b3d4	https://github.com/advisories/GHSA-hpr6-f4vq-mxch	38.6.0
2026-06-12T19:11:25.805040+00:00	GitLab Importer	Affected by	VCID-7bbn-p22w-dqc5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/localstack/CVE-2023-48054.yml	38.6.0
2026-06-12T17:43:17.516259+00:00	GitLab Importer	Affected by	VCID-g51t-twvs-b3d4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/localstack/CVE-2021-32090.yml	38.6.0
2026-06-12T17:43:09.184632+00:00	GitLab Importer	Affected by	VCID-qrra-fj1x-kucf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/localstack/CVE-2021-32091.yml	38.6.0
2026-06-12T04:06:54.084615+00:00	Pypa Importer	Affected by	VCID-qrra-fj1x-kucf	https://github.com/pypa/advisory-database/blob/main/vulns/localstack/PYSEC-2021-102.yaml	38.6.0
2026-06-12T04:06:53.623734+00:00	Pypa Importer	Affected by	VCID-g51t-twvs-b3d4	https://github.com/pypa/advisory-database/blob/main/vulns/localstack/PYSEC-2021-101.yaml	38.6.0
2026-06-11T20:48:58.532041+00:00	PyPI Importer	Affected by	VCID-g51t-twvs-b3d4	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:48:57.911988+00:00	PyPI Importer	Affected by	VCID-qrra-fj1x-kucf	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0