Vmir Security Vulnerabilities and Issues — Vmir CVE List

LonelycoderVmir

7 matches found

CVE•added 2024/11/08 12:0 a.m.•59 views

CVE-2024-35422

CVE-2024-35422 concerns vmir e8117, where a heap buffer overflow is reported in the wasm_call function located at /src/vmir_wasm_parser.c. Multiple sources (NVD, Red Hat, CVE lists) describe this as the underlying issue; there is no public exploit details provided in the connected documents. One ...

7.8CVSS7.6AI score0.00253EPSS

CVE•added 2024/11/08 12:0 a.m.•58 views

CVE-2024-35421

CVE-2024-35421 affects vmir (version e8117). The issue is a segmentation fault in the wasm_parse_block function located at /src/vmir_wasm_parser.c, caused by an underlying bug in wasm parsing. Impact is listed as Availability Impact = HIGH, with Confidentiality/Integrity not affected; Overall CVS...

5.5CVSS7AI score0.00204EPSS

CVE•added 2024/11/08 12:0 a.m.•56 views

CVE-2024-35425

CVE-2024-35425 affects vmir e8117. A segmentation violation occurs in the function_prepare_parse function located at /src/vmir_function.c. CVSSv3.1 = 5.5 (Medium): Attack vector LOCAL, privileges NONE, user interaction REQUIRED, impact on Availability HIGH. Exploitation status is not indicated in...

5.5CVSS7.2AI score0.00204EPSS

CVE•added 2024/11/08 12:0 a.m.•52 views

CVE-2024-35424

CVE-2024-35424 affects the VMIR library (e8117) with a segmentation violation in the internal function import_function at /src/vmir_wasm_parser.c. The metric data indicates a MEDIUM base score (CVSS 3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) and a HIGH impact on availability, with no confidentiali...

5.5CVSS7AI score0.00204EPSS

CVE•added 2024/11/08 12:0 a.m.•50 views

CVE-2024-35427

The CVE-2024-35427 entry relates to VMIR e8117, a standalone C library. Multiple connected sources confirm a segmentation fault triggered by the export_function function in /src/vmir_wasm_parser.c, constituting a vulnerability in the VMIR parsing path. The core issue is a segmentation violation w...

5.5CVSS7.2AI score0.00156EPSS

CVE•added 2024/11/08 12:0 a.m.•47 views

CVE-2024-35423

CVE-2024-35423 affects vmir e8117, with a heap buffer overflow in wasm_parse_section_functions implemented in /src/vmir_wasm_parser.c. Impact described as high with LOCAL access and user interaction required. Some sources note a workaround: temporarily disable wasm_parse_section_functions until a...

7.8CVSS7.7AI score0.00308EPSS

CVE•added 2024/11/08 12:0 a.m.•47 views

CVE-2024-35426

CVE-2024-35426 affects the standalone VMIR library (e8117) with a stack overflow in the init_local_vars function at /src/vmir_wasm_parser.c. The NVD entry notes CVSS v3.1 base score 9.8 (CRITICAL) with network access, no user interaction, and high impact to confidentiality/integrity/availability....

9.8CVSS8.1AI score0.00574EPSS