10 matches found
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the opSetSloti32 function of m3exec.h. An attacker can cause memory corruption by manipulating the execution flow locally. Remediation There is no fixed version for pywasm3. References - GitHub Issue - GitHub Issu...
Denial Of Service (DoS)
pywasm3 is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling in the Readutf8 function...
GHSA-MHG9-MM8C-C683 pywasm3 has an Invalid Memory Read, Leading to DoS and Potential Code Execution
wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution...
pywasm3 contains a Use-After-Free in ForEachModule
wasm3 139076a contains a Use-After-Free in ForEachModule...
pywasm3 has an Invalid Memory Read, Leading to DoS and Potential Code Execution
wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution...
GHSA-46R6-92JG-22JG pywasm3 contains a Use-After-Free in ForEachModule
wasm3 139076a contains a Use-After-Free in ForEachModule...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS through the improper handling of specific input types. An attacker can cause the application to crash by sending specially crafted input. Details Denial of Service DoS describes a family of attacks, all aimed at...
GHSA-MQ9P-QW76-Q6H7 pywasm3 contains a heap buffer overflow which leads to segmentation fault
wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3compile.c...
GHSA-HH39-VJV8-J337 pywasm3 contains a global buffer overflow which leads to segmentation fault
wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3compile.c...
Improper Input Validation
pywasm3 is vulnerable to improper input validation. The vulnerability exists in wasm3/source/m3exec.h because the user inputs are not properly validated which allows an attacker to bypass url with wrong information...