CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51745 – Wasmtime doesn't fully sandbox all the Windows device filenames
https://notcve.org/view.php?id=CVE-2024-51745
05 Nov 2024 — Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so on. Untrusted Wasm programs that are given access to any filesystem directory could bypass the sandbox and access devices through those special device filenames with s... • https://en.wikipedia.org/wiki/ISO/IEC_8859-1 • CWE-67: Improper Handling of Windows Device Names CWE-184: Incomplete List of Disallowed Inputs •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-41880 – Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64
https://notcve.org/view.php?id=CVE-2023-41880
15 Sep 2023 — Wasmtime is a standalone runtime for WebAssembly. Wasmtime versions from 10.0.0 to versions 10.02, 11.0.2, and 12.0.1 contain a miscompilation of the WebAssembly `i64x2.shr_s` instruction on x86_64 platforms when the shift amount is a constant value that is larger than 32. Only x86_64 is affected so all other targets are not affected by this. The miscompilation results in the instruction producing an incorrect result, namely the low 32-bits of the second lane of the vector are derived from the low 32-bits o... • https://docs.rs/wasmtime/latest/wasmtime/struct.Config.html#method.wasm_simd • CWE-193: Off-by-one Error •