2101 matches found
CVE-2026-27572
Wasmtime (WebAssembly runtime) is affected by CVE-2026-27572 in the wasi:http/types.fields implementation. Prior to patched releases (Wasmtime 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0), the wasmtime-wasi-http crate uses a data structure that panics when the headers field set becomes excessively...
CVE-2026-27204
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0, Wasmtime's implementation of WASI host interfaces are susceptible to guest-controlled resource exhaustion on the host. Wasmtime did not appropriately place limits on resource allocations requested...
CVE-2026-27204
CVE-2026-27204 involves Wasmtime’s WASI host interfaces, where guest code could exhaust host resources due to insufficient limits on resource allocations. Affected versions prior to fixes include 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0. The fixes are released in Wasmtime 24.0.6, 36.0.6, 40.0.4...
CVE-2026-27204 Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0, Wasmtime's implementation of WASI host interfaces are susceptible to guest-controlled resource exhaustion on the host. Wasmtime did not appropriately place limits on resource allocations requested...
CVE-2026-27204 Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0, Wasmtime's implementation of WASI host interfaces are susceptible to guest-controlled resource exhaustion on the host. Wasmtime did not appropriately place limits on resource allocations requested...
GHSA-852M-CVVP-9P4W Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion
Impact Wasmtime's implementation of WASI host interfaces are susceptible to guest-controlled resource exhaustion on the host. Wasmtime did not appropriately place limits on resource allocations requested by the guests. This serves as a Denial of Service vector where a guest can induce a range of...
CVE-2026-2801
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox 148 and Thunderbird 148...
CVE-2026-2796
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox 148 and Thunderbird 148...
CVE-2026-2804
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox 148 and Thunderbird 148...
CVE-2026-2796
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
CVE-2026-2804
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
CVE-2026-2801
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
CVE-2026-2767
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
CVE-2026-2767
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
CVE-2026-2804
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
CVE-2026-2801
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
CVE-2026-2796
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
CVE-2026-2767
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
UBUNTU-CVE-2026-2801
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
UBUNTU-CVE-2026-2796
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...