GHSA-64CJ-QVX5-M4F3 Nhost CLI local configserver allows cross-origin unauthenticated read/write access to local development configuration and secrets

Summary The hidden nhost configserver used by nhost dev exposes the Mimir GraphQL API with dummy authorization directives and permissive CORS. When a developer is running the local development environment, any process that can reach the developer's localhost service, including a web page loaded...

MAL-2022-4142 Malicious code in kenticodevelopmentconfiguration (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d36d3f0d529878ae211cea487201400019121f904c7564de5cf47ab714b38dcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...