Advisories for Pypi/Localstack package

Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.

A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack.

The dashboard component of StackLift LocalStack allows attackers to inject arbitrary shell commands via the functionName parameter.