PT-2024-14035 · Appwrite · Appwrite Cli

Published: 2024-01-09 · Updated: 2024-01-12 · CVE-2023-50974

CVSS v4.0: 6.8 (Medium)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: Appwrite CLI versions prior to 3.0.0

Description: When the login command of the Appwrite CLI is used, the Appwrite user's credentials are stored in the file ~/.appwrite/prefs.json with UNIX permissions 0644. This allows any user of the local system to read those credentials.

Recommendations: For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue. As a temporary workaround, consider changing the permissions of the ~/.appwrite/prefs.json file to more restrictive settings to minimize access to the credentials.
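
The workaround above written as a check, added here as an example and not taken from the advisory or from Appwrite's code. The function names `file_mode` and `check_prefs` and the target mode 0600 are choices made for this example; the advisory only says "more restrictive".

```shell
#!/bin/sh
# Added example (not Appwrite code): audit the mode of the CLI prefs file.

# Octal permission bits of a path, following symlinks (GNU stat, then BSD stat).
file_mode() {
    stat -L -c '%a' "$1" 2>/dev/null || stat -L -f '%Lp' "$1" 2>/dev/null
}

# check_prefs FILE [fix]
#   0 = no group/other access, 1 = group/other access present, 2 = cannot inspect
# With "fix", an exposed file is set to 0600 (a value chosen for this example)
# and then checked again.
check_prefs() {
    f=$1
    [ -f "$f" ] || { echo "not found: $f"; return 2; }
    mode=$(file_mode "$f") || { echo "cannot stat: $f"; return 2; }
    # Mask 077 selects the group and other permission bits.
    if [ $(( 0$mode & 077 )) -eq 0 ]; then
        echo "ok: $f is mode $mode"
        return 0
    fi
    echo "exposed: $f is mode $mode (group/other bits set)"
    if [ "${2:-}" = fix ]; then
        chmod 600 "$f" || return 2
        check_prefs "$f"
        return $?
    fi
    return 1
}

# Default location named in the advisory; pass "fix" as the first argument to tighten.
check_prefs "${HOME:-/nonexistent}/.appwrite/prefs.json" "${1:-}" || echo "status: $?"
```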

Exploit

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

CVE-2023-50974
GHSA-G777-CRP9-M27G
PYSEC-2024-2

Affected Products

Appwrite Cli