Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2025/12/25 12:50 a.m.2 views

SUSE CVE-2024-51745

Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits,...

10CVSS6.8AI score0.00812EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/11/05 10:35 p.m.10 views

CVE-2024-51745

A flaw was found in the Wasmtime package. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on. However, it did not block access to the special device filenames that use superscript digits, such as...

2.3CVSS6.5AI score0.00812EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2024/11/05 10:18 p.m.4 views

auto-wasi (=0.1.0), candid-extractor (>=0.1.0 <=0.1.2) +105 more potentially affected by CVE-2024-51745 via wasmtime (>=0.10.0 <=1.0.2)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.45.0, =0.1.0, =0.3.0 and more Source cves: CVE-2024-51745 Source advisory: OSV:GHSA-C2F5-JXJV-2HH8...

10CVSS5.4AI score0.00812EPSS
Exploits0
Wolfi
Wolfi
added 2024/11/05 10:15 p.m.12 views

CVE-2024-51745 vulnerabilities

Vulnerabilities for packages: wasmtime, zed, wash, wasmcloud, wizer...

10CVSS5.8AI score0.00812EPSS
Exploits0
Chainguard
Chainguard
added 2024/11/05 10:15 p.m.19 views

CVE-2024-51745 vulnerabilities

Vulnerabilities for packages: wizer, zed, wash, wasmtime, wasmcloud...

10CVSS5.8AI score0.00812EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/11/05 10:15 p.m.6 views

CVE-2024-51745

Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits,...

10CVSS5.9AI score0.00812EPSS
Exploits0References5
Circl
Circl
added 2024/11/05 9:19 p.m.3 views

CVE-2024-51745

creationtimestamp| type| source ---|---|--- 2024-11-05 21:19:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113432431807385293 2024-11-05 23:56:26+00:00| seen| https://t.me/cvedetector/9954...

10CVSS4.7AI score0.00812EPSS
Exploits0References2
CVE
CVE
added 2024/11/05 9:9 p.m.289 views

CVE-2024-51745

Wasmtime on Windows had a sandbox bypass where filenames with superscript digits (e.g., COM¹, LPT⁰) were not blocked, allowing untrusted Wasm code with filesystem access to reach devices and peripherals via special device filenames. Affected software: Wasmtime’s Windows filesystem sandbox. Root c...

10CVSS6.7AI score0.00812EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/11/05 9:9 p.m.10 views

CVE-2024-51745 Wasmtime doesn't fully sandbox all the Windows device filenames

Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits,...

2.3CVSS6.7AI score0.00812EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2024/11/02 12:0 p.m.8 views

auto-wasi (=0.1.0), candid-extractor (>=0.1.0 <=0.1.2) +105 more potentially affected by CVE-2024-51745 via wasmtime (>=0.10.0 <=1.0.2)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.45.0, =0.1.0, =0.3.0 and more Source cves: CVE-2024-51745 Source advisory: OSV:RUSTSEC-2024-0438...

10CVSS5.4AI score0.00812EPSS
Exploits0
Rows per page
Query Builder