Vulnerabilities > Cloudflare

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2024-0212 Unspecified vulnerability in Cloudflare
The Cloudflare Wordpress plugin was found to be vulnerable to improper authentication.
network
low complexity
cloudflare
6.5
2024-01-04 CVE-2023-6992 Out-of-bounds Write vulnerability in Cloudflare Zlib
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c).
local
low complexity
cloudflare CWE-787
5.5
2023-12-29 CVE-2023-7078 Server-Side Request Forgery (SSRF) vulnerability in Cloudflare Miniflare 3.20230821.0
Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server.
low complexity
cloudflare CWE-918
8.1
2023-12-29 CVE-2023-7079 Improper Authentication vulnerability in Cloudflare Wrangler
Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network.
low complexity
cloudflare CWE-287
5.7
2023-12-29 CVE-2023-7080 Unspecified vulnerability in Cloudflare Wrangler
The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging.
low complexity
cloudflare
8.0
2023-12-12 CVE-2023-6193 Resource Exhaustion vulnerability in Cloudflare Quiche
quiche v.
network
low complexity
cloudflare CWE-400
5.3
2023-12-05 CVE-2023-6180 Memory Leak vulnerability in Cloudflare Boring 4.0.0
The tokio-boring library in version 4.0.0 is affected by a memory leak issue that can lead to excessive resource consumption and potential DoS by resource exhaustion.
network
low complexity
cloudflare CWE-401
5.3
2023-09-07 CVE-2023-3747 Reliance on Cookies without Validation and Integrity Checking vulnerability in Cloudflare Warp 6.29
Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices.
local
low complexity
cloudflare CWE-565
5.5
2023-08-29 CVE-2023-0654 Improper Restriction of Rendered UI Layers or Frames vulnerability in Cloudflare Warp
Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack.
network
high complexity
cloudflare CWE-1021
3.7
2023-08-29 CVE-2023-0238 Unspecified vulnerability in Cloudflare Warp
Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app.
local
low complexity
cloudflare
5.5