4 matches found
SUSE CVE-2026-34941
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...
EUVD-2026-20990
Wasmtime: Panic when transcoding misaligned utf-16 strings...
CVE-2026-34942
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...
Vulnerability of the functions napi_get_value_string_latin1(), napi_get_value_string_utf8(), and napi_get_value_string_utf16 on the Node.js software platform, allowing a hacker to execute arbitrary code.
The vulnerabilities of the functions napigetvaluestringlatin1, napigetvaluestringutf8, and napigetvaluestringutf16 in the Node.js software platform are related to the execution of operations outside of the buffer in memory. Exploiting these vulnerabilities can allow a remote attacker to execute...