45 matches found
CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
CVE-2025-54126
The CVE-2025-54126 entry concerns WebAssembly Micro Runtime (WAMR) iwasm binary; versions 2.4.0 and earlier use --addr-pool with an IPv4 address lacking a subnet mask, allowing acceptance of all IPs and potentially bypassing access restrictions. This exposes services to all external connections a...
PT-2025-31268 · Iwasm +1 · Iwasm +1
Name of the Vulnerable Software and Affected Versions: WebAssembly Micro Runtime WAMR iwasm versions 2.4.0 and below Description: The iwasm package uses the --addr-pool option with an IPv4 address lacking a subnet mask. This configuration allows the system to accept all IP addresses, potentially...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
CVE-2025-43853
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink...
CVE-2025-43853
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink...
CVE-2025-43853
CVE-2025-43853 concerns the WebAssembly Micro Runtime (WAMR) iwasm binary, including builds with WASI support. A symlink-following vulnerability affects WAMR up to and including version 2.2.0 (and WAMR builds on Windows using libc-uvwasi), where creating a symlink outside the preopened sandbox an...
CVE-2025-43853 iwasm vulnerable to filesystem sandbox escape with symlink when using uvwasi feature
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
The vulnerability of the `block_type_get_arity` function in the `core/iwasm/interpreter/wasm.h` file in the execution environment for WebAssembly applications, such as WebAssembly Micro Runtime (WAMR), allows a malicious actor to cause a service failure.
The vulnerability of the blocktypegetarity function in the core/iwasm/interpreter/wasm.h file, within the WebAssembly environment for WebAssembly Micro Runtime applications WAMR, involves reading beyond the permitted range of memory. Exploiting this vulnerability could allow a malicious actor to...
AZL-52586 CVE-2024-27532 affecting package fluent-bit for versions less than 3.1.9-2
wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...
CVE-2024-27532
wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
PT-2024-21938 · Unknown · Wasm-Micro-Runtime
Name of the Vulnerable Software and Affected Versions: wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR version 06df58f Description: The issue is related to a NULL Pointer Dereference in the function block type get result types. This indicates a problem where the code attempts to access...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
CVE-2024-27532
wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...
CVE-2024-27532
wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...