CVE-2023-7079

🗓️ 29 Dec 2023 11:54:08Reported by cloudflareType

Sending specially crafted HTTP requests and inspector message could result in remote file access

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2023-7079	29 Dec 202313:27	–	circl
CNNVD	Wrangler Authorization Issues Vulnerability	29 Dec 202300:00	–	cnnvd
Cvelist	CVE-2023-7079 Arbitrary remote file read in Wrangler dev server	29 Dec 202311:54	–	cvelist
EUVD	EUVD-2024-0330	3 Oct 202520:07	–	euvd
Github Security Blog	Arbitrary remote file read in Wrangler dev server	3 Jan 202421:24	–	github
NVD	CVE-2023-7079	29 Dec 202312:15	–	nvd
OSV	GHSA-CFPH-4QQH-W828 Arbitrary remote file read in Wrangler dev server	3 Jan 202421:24	–	osv
Prion	Design/Logic Flaw	29 Dec 202312:15	–	prion
Veracode	Arbitrary File Read	2 Jan 202411:29	–	veracode

NVD

Node

cloudflare wranglerRange3.9.0–3.19.0node.js

[
  {
    "defaultStatus": "unaffected",
    "packageName": "wrangler",
    "platforms": [
      "Windows",
      "MacOS",
      "Linux"
    ],
    "product": "wrangler",
    "repo": "https://github.com/cloudflare/workers-sdk",
    "vendor": "Cloudflare",
    "versions": [
      {
        "changes": [
          {
            "at": "3.19.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "3.9.0",
        "status": "affected",
        "version": "0",
        "versionType": "patch"
      },
      {
        "changes": [
          {
            "at": "3.19.0",
            "status": "unaffected"
          }
        ],
        "lessThan": "3.19.0",
        "status": "affected",
        "version": "0",
        "versionType": "patch"
      }
    ]
  }
]

Source	Link
github	www.github.com/cloudflare/workers-sdk/security/advisories/GHSA-cfph-4qqh-w828
github	www.github.com/cloudflare/workers-sdk/pull/4535
github	www.github.com/cloudflare/workers-sdk/pull/4532

21 Nov 2024 08:45Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.7 - 6.4

EPSS0.00071

CWE-287