Untriaged
Arbitrary remote file read in Wrangler dev server
Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.
Affected products
wrangler
- =<3.9.0
- <3.19.0
Matching in nixpkgs
pkgs.wrangler
Command-line interface for all things Cloudflare Workers
-
nixos-unstable -
- nixpkgs-unstable 4.30.0
pkgs.wrangler_1
CLI tool designed for folks who are interested in using Cloudflare Workers
-
nixos-unstable -
- nixpkgs-unstable 1.21.0
pkgs.python312Packages.awswrangler
Pandas on AWS
-
nixos-unstable -
- nixpkgs-unstable 3.12.1
pkgs.python313Packages.awswrangler
Pandas on AWS
-
nixos-unstable -
- nixpkgs-unstable 3.12.1
pkgs.vscode-extensions.ms-toolsai.datawrangler
Data viewing, cleaning and preparation for tabular datasets
-
nixos-unstable -
- nixpkgs-unstable 1.22.0
Package maintainers
-
@mcwitt Matt Wittmann <mcwitt@gmail.com>
-
@katanallama katanallama
-
@ryand56 Ryan Omasta <git@ryand.ca>
-
@seanrmurphy Sean Murphy <sean@gopaddy.ch>
-
@ezrizhu Ezri Zhu <me@ezrizhu.com>
-
@dezren39 Drewry Pope <drewrypope@gmail.com>
-
@Br1ght0ne Oleksii Filonenko <brightone@protonmail.com>