Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:29 a.m.8 views

CVE-2023-26489

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

9.9CVSS9.6AI score0.01261EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/03/09 12:10 a.m.4 views

assemblylift-cli (>=0.4.0-alpha.5 <=0.4.0-alpha.11), assemblylift-core (>=0.4.0-alpha.10 <=0.4.0-alpha.11) +57 more potentially affected by CVE-2023-26489 via wasmtime (>=0.37.0 <=3.0.1)

wasmtime CARGO version =0.37.0, =0.4.0-alpha.5, =0.4.0-alpha.10, =0.1.0, =0.1.0, =0.1.0, =0.1.3, =0.5.0, =0.5.1, =0.0.1, =0.0.1, =0.0.6, =0.1.0, =0.2.1 - linera-wit-bindgen-gen-host-wasmtime-rust =0.2.0 - linera-wit-bindgen-host-wasmtime-rust =0.2.0 and more Source cves: CVE-2023-26489 Source...

9.9CVSS7.2AI score0.01261EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/03/09 12:10 a.m.3 views

barfs (=0.1.2), cranefack (=0.4.1) +48 more potentially affected by CVE-2023-26489 via cranelift-codegen (>=0.84.0 <=0.90.1)

cranelift-codegen CARGO version =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =0.84.0, =10.0.0, =10.0.0, =17.0.0 and more Source cves: CVE-2023-26489 Source advisory: OSV:GHSA-FF4P-7XRQ-Q5R8...

9.9CVSS7.2AI score0.01261EPSS
Exploits0
Wolfi
Wolfi
added 2023/03/08 8:15 p.m.57 views

CVE-2023-26489 vulnerabilities

Vulnerabilities for packages: wasmtime, zellij...

9.9CVSS7AI score0.01261EPSS
Exploits0
Chainguard
Chainguard
added 2023/03/08 8:15 p.m.65 views

CVE-2023-26489 vulnerabilities

Vulnerabilities for packages: wasmtime, zellij...

9.9CVSS7AI score0.01261EPSS
Exploits0
CVE
CVE
added 2023/03/08 7:59 p.m.455 views

CVE-2023-26489

Summary of CVE-2023-26489 (wasmtime/Cranelift): In x86_64, Cranelift’s address-mode computation could extend a 32-bit WebAssembly address to 64 bits, producing an effective address up to 35 bits away from linear memory. With default codegen, this allowed wasm-controlled loads/stores to read/write...

9.9CVSS9.6AI score0.01261EPSS
Exploits0References5Affected Software2
Vulnrichment
Vulnrichment
added 2023/03/08 7:59 p.m.11 views

CVE-2023-26489 Guest-controlled out-of-bounds read/write on x86_64 in wasmtime

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

9.9CVSS9.6AI score0.01261EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2023/03/08 7:59 p.m.2 views

CVE-2023-26489

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

9.9CVSS9.6AI score0.01261EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/03/02 12:0 p.m.4 views

assemblylift-cli (>=0.4.0-alpha.5 <=0.4.0-alpha.11), assemblylift-core (>=0.4.0-alpha.10 <=0.4.0-alpha.11) +110 more potentially affected by CVE-2023-26489 via wasmtime (>=0.10.0 <=3.0.1)

wasmtime CARGO version =0.10.0, =0.4.0-alpha.5, =0.4.0-alpha.10, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.0.1, =0.0.1, =0.5.5 and more Source cves: CVE-2023-26489 Source advisory: OSV:RUSTSEC-2023-0090...

9.9CVSS7.7AI score0.01261EPSS
Exploits0
Rows per page
Query Builder