GHSA-Q879-9G95-56MX Wrong type for `Linker`-define functions when used across two `Engine`s

Impact As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should not be possible to have memory unsafety issues in their embeddings of Wasmtime. An issue was discovered in the safe API of...

CVE-2021-39219

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

CVE-2021-39219

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

Type confusion

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

PYSEC-2021-322

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

CVE-2021-39219 Wrong type for `Linker`-define functions when used across two `Engine`s

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

CVE-2021-39219

Technical details about CVE-2021-39219 are not publicly provided in the connected documents. Monitor for updates from official advisories; the supplied sources do not enumerate affected products/versions or fixes beyond the initial description.

CVE-2021-39219

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

abd-clam (>=0.10.0-dev0 <=0.12.1), adbc_core (=0.14.0) +286 more potentially affected by unknown CVE via arrow (>=0.16.0 <=5.5.0)

arrow CARGO version =0.16.0, =0.10.0-dev0, =0.6.0, =0.6.0, =0.2.0, =0.4.0, =0.3.0, =0.2.0, =2.0.0, =0.2.0, =0.1.0, =0.2.0 - arrow-graph-core =0.1.0 - arrow-graph-git =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0118...

abd-clam (>=0.10.0-dev0 <=0.12.1), adbc_core (=0.14.0) +286 more potentially affected by unknown CVE via arrow (>=0.16.0 <=5.5.0)

arrow CARGO version =0.16.0, =0.10.0-dev0, =0.6.0, =0.6.0, =0.2.0, =0.4.0, =0.3.0, =0.2.0, =2.0.0, =0.2.0, =0.1.0, =0.2.0 - arrow-graph-core =0.1.0 - arrow-graph-git =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0117...

acid-store (>=0.12.0 <=0.14.2), aliyundrive-fuse (>=0.1.0 <=0.1.14) +34 more potentially affected by unknown CVE via fuser (>=0.10.0 <=0.15.1)

fuser CARGO version =0.10.0, =0.12.0, =0.1.0, =1.0.0, =0.1.0, =0.6.0, =0.2.5, =0.1.2, =0.8.0, =0.8.2 - iso9660 =0.1.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0154...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71660)

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, is vulnerable until version 1.0.4. The vulnerability stems from the program ButtplugFutureStateShared not properly considering objects, which leads to data contention. No details of the vulnerability are currently...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71651)

A security vulnerability exists in Rust, a general-purpose, compiled programming language from the Mozilla Foundation. The vulnerability stems from the fact that programs send features or synchronize features without bounds, so data contention and memory corruption can occur. No details of the...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71657)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust hashconsing crate before 1.1.0, which stems from a limitation in HConsed's lack of sending or synchronization features, and could be exploited by an attacker to cause a...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71659)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. rust mayqueue crate through 2020-11-10 A security vulnerability exists due to a limitation in the queue's lack of send feature or synchronization feature, which could be exploited by an attacker to cause a memor...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71655)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.9.1. The vulnerability stems from the possibility that program reserved calls could create invalid UTF-8 strings, thereby violating soundness. No detai...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71650)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability in Rust rusb crate before 0.7.0, which stems from a lack of send and synchronization restrictions, can be exploited by an attacker to cause data contention and memory corruption...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71653)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in Rust late-static crate before 0.4.0, which stems from the fact that Sync is implemented with LateStatic's T: Send, causing data contention to occur. No details of the...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71652)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.3.2. The vulnerability stems from a possible thread crossover in a program's non-sending but synchronized type, which could be exploited by an attacker...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71658)

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, was previously vulnerable in version 0.5.1. The vulnerability stems from the fact that programs can send non-send types to other threads, which can be exploited by attackers to potentially cause data contention an...