webpack-dev-server

webpack-dev-server users' source code may be stolen when they access a malicious web site

Missing Origin Validation in webpack-dev-server

webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins

webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser

webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies

Malicious code in webpack-dev-server.legacy (npm)