CVE-2021-39218

Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses externrefs in Wasmtime. To trigger thi...

CVE-2021-39218

Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses externrefs in Wasmtime. To trigger thi...

Design/Logic Flaw

Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses externrefs in Wasmtime. To trigger thi...

CVE-2021-39218 Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime

Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses externrefs in Wasmtime. To trigger thi...

CVE-2021-39218

Technical details about CVE-2021-39218 (affected Wasmtime versions 0.26.0–0.30.0, root cause, exploit paths, and fixes) are not provided in the supplied documents. Monitor for official disclosures and patches.

Wasmtime 缓冲区错误漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. Wasmtime suffers from a buffer error vulnerability that stems from an invalid free and out-of-bounds read/write error when running Wasm due to a memory unsoundness vulnerability in...