Homepage
About Snyk

miniflare@3.20231023.0 vulnerabilities

Fun, full-featured, fully-local simulator for Cloudflare Workers

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the miniflare package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Server-Side Request Forgery (SSRF)

miniflare is a Fun, full-featured, fully-local simulator for Cloudflare Workers

Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) via specially crafted HTTP and WebSocket requests to the server. An attacker can access other local servers, by sending arbitrary requests from the server by accessing it when configured to listen on external network interfaces.

How to fix Server-Side Request Forgery (SSRF)?

Upgrade miniflare to version 3.20231030.2 or higher.

>=3.20230821.0 <3.20231030.2
Go back to all versions of this package