Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-8c93-4hch-xgxp: Cloudflare Wrangler directory traversal vulnerability

Impact

The Wrangler command line tool (<[email protected]) was affected by a directory traversal vulnerability when running a local development server for Pages (wrangler pages dev command). This vulnerability enabled an attacker in the same network as the victim to connect to the local development server and access the victim’s files present outside of the directory for the development server.

Patches

Upgrade to [email protected] or higher.

References

Workers SDK on Github Wrangler docs CVE-2023-3348

ghsa
Open in Source
#vulnerability#git

Cloudflare Wrangler directory traversal vulnerability

Moderate severity GitHub Reviewed Published Aug 3, 2023 in cloudflare/workers-sdk • Updated Aug 3, 2023

Related news

CVE-2023-3348: Wrangler (command line) · Cloudflare Workers docs

The Wrangler command line tool (<[email protected]) was affected by a directory traversal vulnerability when running a local development server for Pages (wrangler pages dev command). This vulnerability enabled an attacker in the same network as the victim to connect to the local development server and access the victim's files present outside of the directory for the development server.

ghsa: Latest News

GHSA-w5rq-g9r6-vrcg: @dapperduckling/keycloak-connector-server has Reflected XSS Vulnerability in Authentication Flow URL Handling
ghsa