CWE-67
5 CVEs classified under CWE-67. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-35197 | Medium | 5.4 | 2024-05-23 | gitoxide is a pure Rust implementation of Git. On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths tha… |
CVE-2026-27199 | | 2026-02-21 | Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded… | |
CVE-2026-21860 | | 2026-01-08 | Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safe_join function allows path segments with Windows device names… | |
CVE-2025-66221 | | 2025-11-29 | Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safe_join function allows path segments with Windows device names… | |
CVE-2024-51745 | | 2024-11-05 | Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such a… |