Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago6 views

Malicious code in hexo-deployer-wrangler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebc95a6a1ae1e522feabf03446f9791372191e27ca9da454717559b6cc6948eb The package ships a binding.gyp file line 6 containing GYP command-expansion syntax !... inside the targets/sources fields. npm implicitly runs...

6.4AI score
Exploits0References2
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.8 views

Cloudflare Wrangler security vulnerabilities

Cloudflare Wrangler is a repository managed by Cloudflare. Cloudflare Wrangler has a security vulnerability that stems from insufficient validation or cleanup of the --commit-hash parameter, which may lead to command injection attacks...

9.9CVSS5.8AI score0.01393EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.5 views

Cloudflare Wrangle Security Breach

Cloudflare Wrangler is a repository from Cloudflare, Inc. A security vulnerability exists in Cloudflare Wrangler versions prior to 3.19.0 that stems from the presence of an arbitrary code execution vulnerability that allows an attacker on a local network to connect to the inspector and run...

8.5CVSS7.5AI score0.00583EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.4 views

Wrangler Authorization Issues Vulnerability

Cloudflare Wrangler is a repository from Cloudflare, Inc. A security vulnerability exists in Wrangler versions prior to 3.19.0, which stems from the fact that sending specially crafted HTTP requests and inspector messages could cause any file on a user's computer to be accessible over the local...

6.4CVSS6.4AI score0.00699EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/08/03 1:47 p.m.20 views

CVE-2023-3348 Directory traversal vulnerability in Cloudflare Wrangler

The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the local...

5.7CVSS5.9AI score0.00701EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.4 views

Cloudflare Wrangler Path Traversal Vulnerability

Cloudflare Wrangler is a repository from Cloudflare, Inc. A path traversal vulnerability exists in Wrangler versions prior to 3.1.1, which stems from a directory traversal vulnerability when running the local development server for Pages the wrangler Pages dev command, which can be exploited by a...

5.7CVSS6.5AI score0.00701EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2021/08/03 7:0 p.m.10 views

@alex.garcia/oak (>=0.0.17 <=0.0.19), @apify/better-sqlite3-prebuilds (=7.1.1) +195 more potentially affected by CVE-2021-32803 via tar (>=4.0.1 <=4.4.13)

tar NPM version =4.0.1, =0.0.17, =0.0.1, =0.2.0, =0.2.0, =3.0.7, =3.0.6, =1.4.0, =1.0.0, =1.0.0-alpha.1, =1.10.9-beta, =1.0.0, =1.1.4, =2.1.0, =2.2.0 and more Source cves: CVE-2021-32803 Source advisory: OSV:GHSA-R628-MHMH-QJHW...

8.2CVSS6.7AI score0.07795EPSS
Exploits0
Rows per page
Query Builder