Vulnerability	Vulnerable Version
M Exposed Dangerous Method or Function nx is a The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the local HTTP server's permissive CORS policy, which sends `Access-Control-Allow-Origin: *` on every response. An attacker can access sensitive information, such as the full project graph and the output of the `/help` endpoint, by enticing a developer to visit a malicious website that makes cross-origin requests to the local server. In rare cases, this can also lead to arbitrary command execution if the `/help` endpoint is abused. How to fix Exposed Dangerous Method or Function? Upgrade `nx` to version 22.7.2, 23.0.0-beta.2 or higher.	>=17.0.4 <22.7.2>=23.0.0-beta.0 <23.0.0-beta.2

Exposed Dangerous Method or Function

nx is a The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.

Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the local HTTP server's permissive CORS policy, which sends Access-Control-Allow-Origin: * on every response. An attacker can access sensitive information, such as the full project graph and the output of the /help endpoint, by enticing a developer to visit a malicious website that makes cross-origin requests to the local server. In rare cases, this can also lead to arbitrary command execution if the /help endpoint is abused.

How to fix Exposed Dangerous Method or Function?

Upgrade nx to version 22.7.2, 23.0.0-beta.2 or higher.

>=17.0.4 <22.7.2>=23.0.0-beta.0 <23.0.0-beta.2

Go back to all versions of this package