Lucene search
K

2114 matches found

NVD
NVD
added 2024/10/09 6:15 p.m.35 views

CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS0.00152EPSS
Exploits0References2
NVD
NVD
added 2024/10/09 6:15 p.m.21 views

CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS0.00244EPSS
Exploits0References6
OSV
OSV
added 2024/10/09 6:15 p.m.8 views

PYSEC-2024-312

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS5.8AI score0.00244EPSS
Exploits0References6
OSV
OSV
added 2024/10/09 6:15 p.m.2 views

UBUNTU-CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS5.8AI score0.00244EPSS
Exploits0References8
OSV
OSV
added 2024/10/09 6:15 p.m.3 views

UBUNTU-CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS5.8AI score0.00152EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/09 6:7 p.m.37 views

CVE-2024-47813 Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS0.00152EPSS
Exploits0References2
CVE
CVE
added 2024/10/09 6:7 p.m.323 views

CVE-2024-47813

CVE-2024-47813 is a race-condition bug in Wasmtime where concurrent creation/dropping of types (e.g., FuncType, ArrayType) on a shared wasmtime::Engine can cause double-unregistration, potentially corrupting the internal type registry and violating WebAssembly CFI and type safety. The issue arise...

2.9CVSS3.6AI score0.00152EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/09 6:7 p.m.23 views

CVE-2024-47813 Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS6.8AI score0.00152EPSS
Exploits0References2
CVE
CVE
added 2024/10/09 6:3 p.m.291 views

CVE-2024-47763

The CVE-2024-47763 issue affects Wasmtime’s WebAssembly runtime, where tail-call support combined with stack traces can trigger a crash. Root cause: when a WebAssembly function uses return_call/return_call_indirect/return_call_ref to a host function that captures a stack trace, the stack-walking ...

5.5CVSS5.4AI score0.00244EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/09 6:3 p.m.15 views

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS7AI score0.00244EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/10/09 6:3 p.m.27 views

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS0.00244EPSS
Exploits0References6
OSV
OSV
added 2024/10/09 6:3 p.m.13 views

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS6.8AI score0.00244EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/10/09 6:3 p.m.6 views

CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS5.5AI score0.00244EPSS
Exploits0
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.5 views

Wasmtime 安全漏洞

Wasmtime is a standalone WebAssembly and WASI-only wasm optimization runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in Wasmtime. An attacker exploiting this vulnerability could cause denial of access...

5.5CVSS6.3AI score0.00244EPSS
Exploits0References8
OSV
OSV
added 2024/10/03 12:0 p.m.12 views

RUSTSEC-2024-0439 Race condition could lead to WebAssembly control-flow integrity and type safety violations

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7qmx-3fpx-r45m. For more information see the GitHub-hosted security advisory...

2.9CVSS6.5AI score0.00152EPSS
Exploits0References3
RustSec
RustSec
added 2024/10/03 12:0 p.m.4 views

Race condition could lead to WebAssembly control-flow integrity and type safety violations

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7qmx-3fpx-r45m. For more information see the GitHub-hosted security advisory...

2.9CVSS7AI score0.00152EPSS
Exploits0Affected Software1
SUSE Linux
SUSE Linux
added 2024/10/01 3:2 p.m.3 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.2.3 MFSA 2024-43 bsc1229821 CVE-2024-8394: Crash when aborting verification of OTR chat. CVE-2024-8385: WASM type confusion involving ArrayTypes. CVE-2024-8381: Type confusion when looking up a property name in...

8.8CVSS9.2AI score0.04395EPSS
Exploits2References72
RedHat Linux
RedHat Linux
added 2024/09/19 6:28 p.m.11 views

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

9.8CVSS7.3AI score0.00575EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/09/19 6:25 p.m.5 views

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

9.8CVSS7.3AI score0.00575EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/09/19 12:18 p.m.6 views

mozilla: WASM type confusion involving ArrayTypes

The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability...

9.8CVSS7.3AI score0.00575EPSS
Exploits0References7
Rows per page
Query Builder