3 matches found
CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
PT-2025-21340 · Wamr +1 · Wamr +1
Name of the Vulnerable Software and Affected Versions: WAMR versions up to and including 2.2.0 WAMR built with libc-uvwasi on Windows Description: The issue is related to a symlink following vulnerability in the WebAssembly Micro Runtime WAMR. On WAMR running in Windows, creating a symlink pointi...
CVE-2024-27532
wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...