2 matches found
Wasmtime: Panic when transcoding misaligned utf-16 strings
Impact Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be passed to the host for transcoding which would trigger a host panic. This panic ...
Vulnerability of the functions napi_get_value_string_latin1(), napi_get_value_string_utf8(), and napi_get_value_string_utf16 on the Node.js software platform, allowing a hacker to execute arbitrary code.
The vulnerabilities of the functions napigetvaluestringlatin1, napigetvaluestringutf8, and napigetvaluestringutf16 in the Node.js software platform are related to the execution of operations outside of the buffer in memory. Exploiting these vulnerabilities can allow a remote attacker to execute...