CNNVD-202509-3099 Information
CNNVD ID
CNNVD-202509-3099
Related CVE
- CNNVD Published: 2025-09-19
Description (Chinese)
Cloudflare Workers SDK是Cloudflare开源的一个开发者工具包。 Cloudflare Workers SDK 1.6.0之前版本存在信息泄露漏洞,该漏洞源于默认配置下本地开发服务器暴露所有文件,可能导致敏感信息泄露。
Description (English)
Cloudflare Workers SDK is a developer tool kit for the Claudflare Open Source. There was a leak in the pre-Claudflare Workers SDK 1.6.0, which resulted from the exposure of all files to the locally developed server under the default configuration, which could lead to the disclosure of sensitive information.
Hazard Level
High
Vulnerability Type
信息泄露
Affected Vendor
Cloudflare
Published
2025-09-19
Last Modified
2026-02-24
References
https://github.com/cloudflare/workers-sdk/commit/0e500720bf70016fa4ea21fc8959c4bd764ebc38 https://github.com/cloudflare/workers-sdk/discussions/3455#discussioncomment-6165773 https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-4pfg-2mw5-f8jx https://hackerone.com/reports/3117837 https://access.redhat.com/security/cve/cve-2025-59427
Patch
https://github.com/cloudflare/workers-sdk/releases
Share on: