Cloudflare fixed a critical vulnerability in its CDNJS library that’s used by 12.7% of all websites on the internet. The vulnerability was discovered and reported by security researcher RyotaK on April 6, 2021. There is no evidence of in-the-wild attacks abusing this flaw. The flaw could be exploited without special skills, but it could impact many websites, he said. In April 2021, a security researcher also disclosed a vulnerability in the official Homebrew Cask repository.
Source: https://thehackernews.com/2021/07/cloudflare-cdnjs-bug-could-have-led-to.html