Vulnerabilities > Cloudflare
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-29 | CVE-2024-0212 | Unspecified vulnerability in Cloudflare The Cloudflare Wordpress plugin was found to be vulnerable to improper authentication. | 6.5 |
| 2024-01-04 | CVE-2023-6992 | Out-of-bounds Write vulnerability in Cloudflare Zlib Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). | 5.5 |
| 2023-12-29 | CVE-2023-7078 | Server-Side Request Forgery (SSRF) vulnerability in Cloudflare Miniflare 3.20230821.0 Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. | 8.1 |
| 2023-12-29 | CVE-2023-7079 | Improper Authentication vulnerability in Cloudflare Wrangler Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. | 5.7 |
| 2023-12-29 | CVE-2023-7080 | Unspecified vulnerability in Cloudflare Wrangler The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. low complexity cloudflare | 8.0 |
| 2023-12-12 | CVE-2023-6193 | Resource Exhaustion vulnerability in Cloudflare Quiche quiche v. | 5.3 |
| 2023-12-05 | CVE-2023-6180 | Memory Leak vulnerability in Cloudflare Boring 4.0.0 The tokio-boring library in version 4.0.0 is affected by a memory leak issue that can lead to excessive resource consumption and potential DoS by resource exhaustion. | 5.3 |
| 2023-09-07 | CVE-2023-3747 | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cloudflare Warp 6.29 Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. | 5.5 |
| 2023-08-29 | CVE-2023-0654 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cloudflare Warp Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. | 3.7 |
| 2023-08-29 | CVE-2023-0238 | Unspecified vulnerability in Cloudflare Warp Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app. | 5.5 |