CloudFlare Miniflare
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in CloudFlare Miniflare.
By the Year
In 2026 there have been 0 vulnerabilities in CloudFlare Miniflare. Miniflare did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 8.10 |
It may take a day or so for new Miniflare vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent CloudFlare Miniflare Security Vulnerabilities
Miniflare External Interface HTTP/WebSocket Injection (prior 3.19.0)
CVE-2023-7078
8.1 - High
- December 29, 2023
Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external network interfaces (as was the default in wrangler until 3.19.0), an attacker on the local network could access other local servers.
SSRF
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for CloudFlare Miniflare or by CloudFlare? Click the Watch button to subscribe.
