Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

Impact Wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the i8x16.swizzle and select WebAssembly...

GHSA-JQWC-C49R-4W2X Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

Impact Wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the i8x16.swizzle and select WebAssembly...

CVE-2022-31104

Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...

Input validation

Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...

CVE-2022-31104

Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...

CVE-2022-31104 Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime

Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...

Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jqwc-c49r-4w2x. For more information see the GitHub-hosted security advisory...

RUSTSEC-2022-0095 Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jqwc-c49r-4w2x. For more information see the GitHub-hosted security advisory...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in sanitizer.rb, when allowed tags are overridden to allow both select and style elements. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script in...

Rails::Html::Sanitizer vulnerable to Cross-site Scripting

Versions of Rails::Html::Sanitizer prior to version 1.4.3 are vulnerable to XSS with certain configurations of Rails::Html::Sanitizer which allows an attacker to inject content when the application developer has overridden the sanitizer's allowed tags to allow both select and style elements. Code...

GHSA-PG8V-G4XQ-HWW9 Rails::Html::Sanitizer vulnerable to Cross-site Scripting

Versions of Rails::Html::Sanitizer prior to version 1.4.3 are vulnerable to XSS with certain configurations of Rails::Html::Sanitizer which allows an attacker to inject content when the application developer has overridden the sanitizer's allowed tags to allow both select and style elements. Code...

DEBIAN-CVE-2022-32209

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

CVE-2022-32209

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

CVE-2022-32209

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

Malicious Package

Overview @uc-maps/layer-select.react is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if th...

MAL-2022-5166 Malicious code in oz-select-lib2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc244268e31ff162335d149980a9cd27488d212971b485bfe356426e18ec7067 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in oz-select-lib2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc244268e31ff162335d149980a9cd27488d212971b485bfe356426e18ec7067 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @harrysforge/select (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 678adfaf4ddcbc1ae13d315e3b36bfed1bd6a886c671fe43f87284812533b3d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-321 Malicious code in @harrysforge/select (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 678adfaf4ddcbc1ae13d315e3b36bfed1bd6a886c671fe43f87284812533b3d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @exness/select-component-ab (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d29b6513b80899239583b8e97cd19234de22626fe343849130aff0bfe968cd3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...