Wasmtime@0.37.0 Security Vulnerabilities and Issues — Wasmtime@0.37.0 CVE List

Lucene search

BytecodeallianceWasmtime0.37.0

3 matches found

CVE•added 2023/03/08 8:15 p.m.•383 views

CVE-2023-26489

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mean...

9.9CVSS9.6AI score0.01357EPSS

CVE•added 2023/03/08 9:15 p.m.•382 views

CVE-2023-27477

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x86_64 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indices...

4.3CVSS4.5AI score0.00176EPSS

CVE•added 2022/07/21 4:15 a.m.•65 views

CVE-2022-31146

Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will mistakenl...

8.8CVSS7.5AI score0.00783EPSS