Home > Vulnerability Database > CVE-2023-51661

Mend.io Vulnerability Database

CVE-2023-51661

Good to know:

Date: December 22, 2023

Wasmer is a WebAssembly runtime that enables containers to run anywhere: from Desktop to the Cloud, Edge and even the browser. Wasm programs can access the filesystem outside of the sandbox. Service providers running untrusted Wasm code on Wasmer can unexpectedly expose the host filesystem. This vulnerability has been patched in version 4.2.4.

Language: RUST

Severity Score

8.4

Related Resources (7)

Url: https://github.com/wasmerio/wasmer/commit/e3923612c23123025c26f982d390e34df7df030f

Url: https://github.com/wasmerio/wasmer/security/advisories/GHSA-4mq4-7rw3-vm5j

Url: https://github.com/wasmerio/wasmer/commit/4d63febf9d8b257b0531963b85df48d45d0dbf3c

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-51661

Url: https://github.com/wasmerio/wasmer

Url: https://github.com/wasmerio/wasmer/issues/4267

Url: https://www.mend.io/vulnerability-database/CVE-2023-51661

Severity Score

8.4

Weakness Type (CWE)

Improper Access Control

CWE-284

Top Fix

Upgrade Version

Upgrade to version wasmer-cli - 4.2.4

Learn More

CVSS v3.1

Base Score:	8.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-51661

Good to know:

Date: December 22, 2023

Language: RUST

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?