3 matches found
CVE-2023-52284
WAMR (wasm-micro-runtime) versions prior to 1.3.0 are affected by CVE-2023-52284 due to mishandling of push_pop_frame_ref_offset, which can lead to a double free or memory corruption when processing a valid WebAssembly module. The issue is rooted in the runtime’s frame reference offset handling. ...
CVE-2025-64704
The CVE-2025-64704 affects the WebAssembly Micro Runtime (WAMR) prior to version 2.4.4. The root cause is a segmentation fault in the v128.store instruction, leading to potential crashes or disruption of execution when processing Wasm code. The issue has been patched in WAMR 2.4.4, so upgrading t...
CVE-2025-58749
CVE-2025-58749 affects WebAssembly Micro Runtime (WAMR) prior to version 2.4.2. In LLVM-JIT mode, WebAssembly programs containing a memory.fill instruction with the first operand (memory address pointer) >= 2 GiB could cause the runtime to hang (release builds) or crash (debug builds) due to i...