4 matches found
CVE-2023-7080
The CVE-2023-7080 issue concerns the V8 inspector in Wrangler (wrangler dev) that could be reached on all network interfaces, enabling a local-network attacker to connect to the inspector and execute arbitrary code within the Workers sandbox. Root causes cited include the inspector server not val...
CVE-2026-0933
Summary of CVE-2026-0933 : A command injection vulnerability exists in the Cloudflare Wrangler tool’s “wrangler pages deploy” command. The root cause is that the commitHash provided via the --commit-hash CLI argument is interpolated directly into a shell command (example: execSync(git show -s --f...
CVE-2023-3348
The CVE-2023-3348 entry concerns the Cloudflare Wrangler CLI and its pages dev local development server. Affected components: Wrangler (<=3.1.0) and Wrangler (
CVE-2023-7079
Summary (CVE-2023-7079) : Affects Wrangler’s dev server. By sending specially crafted HTTP requests and inspector messages, an attacker on the local network could read arbitrary files from a user’s machine. The issue enables local-file discovery/read via the dev server when a user visits a malici...