CBL Mariner 2.0 Security Update: fluent-bit (CVE-2023-52284)

The version of fluent-bit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-52284 advisory. - Bytecode Alliance wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR before 1.3.0 can have an doub...

CVE-2023-52284 affecting package fluent-bit for versions less than 2.1.10-3

CVE-2023-52284 affecting package fluent-bit for versions less than 2.1.10-3. A patched version of the package is available...

CVE-2023-52284

Bytecode Alliance wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because pushpopframerefoffset is mishandled...

CVE-2023-52284

Bytecode Alliance wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because pushpopframerefoffset is mishandled...

CVE-2023-52284

Bytecode Alliance wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because pushpopframerefoffset is mishandled...

AZL-32276 CVE-2023-52284 affecting package fluent-bit for versions less than 2.1.10-3

Bytecode Alliance wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because pushpopframerefoffset is mishandled...

CVE-2023-52284

WAMR (wasm-micro-runtime) versions prior to 1.3.0 are affected by CVE-2023-52284 due to mishandling of push_pop_frame_ref_offset, which can lead to a double free or memory corruption when processing a valid WebAssembly module. The issue is rooted in the runtime’s frame reference offset handling. ...