Lucene search
HistoryDec 31, 2023 - 6:15 a.m.
CVE-2023-52284
bytecode alliance
wamr
1.3.0
double free
corruption
webassembly
mishandled
cve-2023-52284
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
10.5%
Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an “double free or corruption” error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled.
Affected configurations
Node
bytecodealliancewebassembly_micro_runtimeRange<1.3.0
Related
prion
prion
Double free
2023-12-31 06:15:00
cve
cve
CVE-2023-52284
2023-12-31 06:15:08
nessus
nessus
CBL Mariner 2.0 Security Update: fluent-bit (CVE-2023-52284)
2024-01-22 00:00:00
osv
osv
CVE-2023-52284
2023-12-31 06:15:08
cbl_mariner
cbl_mariner
CVE-2023-52284 affecting package fluent-bit for versions less than 2.1.10-3
2024-01-19 03:54:24
cvelist
cvelist
CVE-2023-52284
2023-12-31 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
10.5%
Related for NVD:CVE-2023-52284