CVE-2023-7079

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-7079
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-7079.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-7079
Aliases
Published
2023-12-29T12:15:47Z
Modified
2024-06-06T13:59:36.909748Z
Severity
  • 5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.

References

Affected packages

Git / github.com/cloudflare/workers-sdk

Affected ranges

Type
GIT
Repo
https://github.com/cloudflare/workers-sdk
Events

Affected versions

@cloudflare/pages-shared@0.*

@cloudflare/pages-shared@0.10.0
@cloudflare/pages-shared@0.10.1
@cloudflare/pages-shared@0.11.0
@cloudflare/pages-shared@0.11.1
@cloudflare/pages-shared@0.11.2

create-cloudflare@2.*

create-cloudflare@2.3.0
create-cloudflare@2.3.1
create-cloudflare@2.4.0
create-cloudflare@2.4.1
create-cloudflare@2.5.0
create-cloudflare@2.6.0
create-cloudflare@2.6.1
create-cloudflare@2.6.2
create-cloudflare@2.7.0
create-cloudflare@2.7.1
create-cloudflare@2.8.0

miniflare@3.*

miniflare@3.0.0
miniflare@3.0.0-next.1
miniflare@3.0.0-next.10
miniflare@3.0.0-next.11
miniflare@3.0.0-next.12
miniflare@3.0.0-next.13
miniflare@3.0.0-next.2
miniflare@3.0.0-next.3
miniflare@3.0.0-next.4
miniflare@3.0.0-next.6
miniflare@3.0.0-next.7
miniflare@3.0.0-next.8
miniflare@3.0.0-next.9
miniflare@3.0.0-rc.1
miniflare@3.0.1
miniflare@3.0.2
miniflare@3.20230628.0
miniflare@3.20230710.0
miniflare@3.20230717.0
miniflare@3.20230724.0
miniflare@3.20230801.0
miniflare@3.20230807.0
miniflare@3.20230814.0
miniflare@3.20230814.1
miniflare@3.20230821.0
miniflare@3.20230904.0
miniflare@3.20230918.0
miniflare@3.20230922.0
miniflare@3.20231002.0
miniflare@3.20231002.1
miniflare@3.20231010.0
miniflare@3.20231016.0
miniflare@3.20231023.0
miniflare@3.20231025.0
miniflare@3.20231030.0
miniflare@3.20231030.1
miniflare@3.20231030.2

wrangler@3.*

wrangler@3.10.0
wrangler@3.10.1
wrangler@3.11.0
wrangler@3.12.0
wrangler@3.13.0
wrangler@3.13.1
wrangler@3.13.2
wrangler@3.14.0
wrangler@3.15.0
wrangler@3.16.0
wrangler@3.17.0
wrangler@3.17.1
wrangler@3.18.0
wrangler@3.9.0
wrangler@3.9.1