Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory traversal vulnerability in Cloudflare Wrangler
Vulnerability Description
The Wrangler command line tool (<=wrangler@3.1.0 or <=wrangler@2.20.1) was affected by a directory traversal vulnerability when running a local development server for Pages (wrangler pages dev command). This vulnerability enabled an attacker in the same network as the victim to connect to the local development server and access the victim's files present outside of the directory for the development server.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Cloudflare Wrangler 路径遍历漏洞
Vulnerability Description
Cloudflare Wrangler是Cloudflare公司的一个存储库。 Wrangler 3.1.1之前版本存在路径遍历漏洞,该漏洞源于在运行 Pages 的本地开发服务器(wrangler Pages dev 命令)时容易受到目录遍历漏洞的影响, 攻击者利用该漏洞可以连接到本地开发服务器并访问开发服务器目录之外的文件。
CVSS Information
N/A
Vulnerability Type
N/A