CVE-2022-21707

wasmCloud Host Runtime is a server process that securely hosts and provides dispatch for web assembly WASM actors and capability providers. In versions prior to 0.52.2 actors can bypass capability authorization. Actors are normally required to declare their capabilities for inbound invocations, b...

Authorization

wasmCloud Host Runtime is a server process that securely hosts and provides dispatch for web assembly WASM actors and capability providers. In versions prior to 0.52.2 actors can bypass capability authorization. Actors are normally required to declare their capabilities for inbound invocations, b...

CVE-2022-21707 Incorrect Authorization in wasmCloud

wasmCloud Host Runtime is a server process that securely hosts and provides dispatch for web assembly WASM actors and capability providers. In versions prior to 0.52.2 actors can bypass capability authorization. Actors are normally required to declare their capabilities for inbound invocations, b...

PT-2022-15054 · Unknown · Wasmcloud Host Runtime

Name of the Vulnerable Software and Affected Versions: wasmCloud Host Runtime versions prior to 0.52.2 Description: The issue affects the security model of actors in the wasmCloud Host Runtime, allowing them to bypass capability authorization. Normally, actors are required to declare their...