Wasmtime Security Vulnerabilities and Issues — Wasmtime CVE List

Lucene search

BytecodeallianceWasmtime

3 matches found

CVE•added 2022/11/10 8:15 p.m.•55 views

CVE-2022-39393

Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to...

8.6CVSS8.4AI score0.00119EPSS

CVE•added 2022/11/10 8:15 p.m.•54 views

CVE-2022-39392

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping...

7.4CVSS6.4AI score0.00098EPSS

CVE•added 2022/11/10 8:15 p.m.•51 views

CVE-2022-39394

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's C API implementation where the definition of the wasmtime_trap_code does not match its declared signature in the wasmtime/trap.h header file. This discrepancy causes the function implementation to...

9.8CVSS6.8AI score0.00052EPSS