Lucene search
K
Wasm3 ProjectWasm3

19 matches found

CVE
CVE
added 2024/05/06 12:0 a.m.200 views

CVE-2024-34249

The connected documents confirm a concrete issue in wasm3 v0.5.0: a heap buffer overflow in the DeallocateSlot function (wasm3/source/m3_compile.c) that leads to a segmentation fault. Exploitation may require local network access (PT-2024-25767). Remediation guidance cites updating to a patched v...

9.8CVSS7.7AI score0.007EPSS
CVE
CVE
added 2024/11/08 12:0 a.m.114 views

CVE-2024-27529

CVE-2024-27529 concerns wasm3, a WebAssembly interpreter. The issue is a memory leak in the Read_utf8 function at commit 139076a, affecting wasm3 139076a. The vulnerability is described as memory leaks (and related DoS implications in various advisories) with a high impact on confidentiality, int...

8.4CVSS6.7AI score0.00266EPSS
CVE
CVE
added 2026/02/10 3:32 p.m.104 views

CVE-2025-15572

wasm3 up to 0.5.0 contains a local vulnerability in the NewCodePage function that leads to a memory leak. The issue is exploitable locally, with an exploit publicly disclosed. There is currently no active maintainer for the project. The provided metrics indicate partial availability impact and lo...

5.5CVSS4.9AI score0.00157EPSS
CVE
CVE
added 2022/05/20 6:6 p.m.98 views

CVE-2022-28990

WASM3 v0.5.0 contains a heap overflow in the /wabt/bin/poc.wasm component. CVSS details (3.1) indicate local attack vector with low complexity and high impact (C/H/I/A). No remediation details are provided in the supplied documents; exploitation status is not stated.

7.8CVSS7.8AI score0.0039EPSS
CVE
CVE
added 2021/08/12 1:19 a.m.92 views

CVE-2021-38592

CVE-2021-38592 affects Wasm3 0.5.0 and is a heap-based buffer overflow in op_Const64 (triggered via EvaluateExpression and m3_LoadModule). According to sources, exploitability is network with no authentication, and impact includes availability loss (A: High). Remediation details are not provided ...

7.5CVSS7.7AI score0.01294EPSS
CVE
CVE
added 2024/11/08 12:0 a.m.74 views

CVE-2024-27530

CVE-2024-27530 affects wasm3, version 139076a, with a Use-After-Free in ForEachModule. The issue is memory-safety related and can have high impact per CVSS. Public details consistently identify ForEachModule as the vulnerable component and a memory-use-after-free condition. A practical workaround...

8.4CVSS6.6AI score0.00221EPSS
CVE
CVE
added 2022/09/20 5:12 p.m.72 views

CVE-2022-39974

CVE-2022-39974 affects WASM3 v0.5.0. The root cause is a segmentation fault in the op_Select_i32_srs path of wasm3/source/m3_exec.h, potentially causing availability impact. Exploitation is indicated as possible via a proof-of-concept (per references noting a poc), with the CVSSv3.1 profile showi...

7.5CVSS7.4AI score0.0077EPSS
CVE
CVE
added 2022/04/16 3:52 p.m.66 views

CVE-2022-28966

Wasm3 0.5.0 contains a heap-based buffer overflow in NewCodePage (m3_code.c), triggered indirectly via Compile_BranchTable in m3_compile.c. This is the concrete vulnerability described across multiple sources (CVE-2022-28966). The connected documents identify the affected component and root cause...

5.5CVSS5.7AI score0.00597EPSS
CVE
CVE
added 2022/12/13 12:0 a.m.65 views

CVE-2022-44874

CVE-2022-44874 concerns wasm3, with a segmentation fault detected in the op_CallIndirect path of the interpreter. Affected version includes commit 7890a2097569fde845881e0b352d813573e371f9; the issue arises in the /m3_exec.h component. The connected documents do not provide an official patched ver...

5.5CVSS5.5AI score0.00305EPSS
CVE
CVE
added 2024/11/08 12:0 a.m.61 views

CVE-2024-27527

CVE-2024-27527 affects wasm3 version 139076a and describes a vulnerability that can lead to a Denial of Service (DoS). The connected sources consistently state that wasm3 139076a is vulnerable to DoS, with the issue rooted in a flaw that could be exploited to render the wasm3 runtime unavailable....

7.5CVSS6.6AI score0.00441EPSS
CVE
CVE
added 2024/05/06 12:0 a.m.61 views

CVE-2024-34252

CVE-2024-34252 affects wasm3 v0.5.0, where a global buffer overflow in the function PreserveRegisterIfOccupied (wasm3/source/m3_compile.c) can cause a segmentation fault. The vulnerability is described across multiple sources (NVD, Red Hat, OSV, CNNVD, CVE CVE list) with CVSS v3.1 base score 7.5 ...

7.5CVSS7.7AI score0.00627EPSS
CVE
CVE
added 2022/07/27 1:9 p.m.60 views

CVE-2022-34529

CVE-2022-34529 affects WASM3 v0.5.0, with a segmentation fault occurring in the Compile_Memory_CopyFill component. Multiple connected records (Red Hat, GHSA, OSV, NVD, etc.) corroborate a segmentation fault in this module, indicating a likely crash condition when executing memory copy/fill operat...

5.5CVSS5.4AI score0.00275EPSS
CVE
CVE
added 2024/05/06 12:0 a.m.60 views

CVE-2024-34246

Wasm3 v0.5.0 contains an out-of-bounds memory read that leads to a segmentation fault via wasm3/platforms/app/main.c::main. The Red Hat, NVD, OSV, CNNVD, CVE listings, and linked sources consistently describe this issue as a memory read vulnerability causing a crash. The available documents do no...

7.5CVSS7.2AI score0.00515EPSS
CVE
CVE
added 2024/11/08 12:0 a.m.59 views

CVE-2024-27528

CVE-2024-27528 affects wasm3 version 139076a with an Invalid Memory Read vulnerability that can cause Denial of Service and potentially Code Execution. Multiple sources (NVD, Red Hat, CNNVD, CVE listings, PT-security) corroborate the issue and describe the same root cause and impact. Exploitation...

8.4CVSS6.8AI score0.0024EPSS
CVE
CVE
added 2021/12/31 11:55 p.m.49 views

CVE-2021-45947

Wasm3 0.5.0 is affected by an out-of-bounds write in Runtime_Release, triggered from EvaluateExpression and InitDataSegments. This is the concrete issue described across CVE-2021-45947 entries (e.g., Red Hat, NVD, OSV). The vulnerability appears in the runtime code path of Wasm3, potentially impa...

5.5CVSS5.6AI score0.00667EPSS
CVE
CVE
added 2021/12/31 11:51 p.m.47 views

CVE-2021-45946

Wasm3 0.5.0 contains an out-of-bounds write in the CompileBlock path, triggered by Compile_LoopOrBlock and CompileBlockStatements. This is the documented root cause of CVE-2021-45946, as reflected across multiple sources (NVD, Red Hat, OSV, CVE lists). The connected records confirm the vulnerable...

5.5CVSS5.6AI score0.00664EPSS
CVE
CVE
added 2021/12/31 11:51 p.m.43 views

CVE-2021-45929

CVE-2021-45929 affects Wasm3 0.5.0 with an out-of-bounds write in the CompileBlock function (invoked by CompileElseBlock and Compile_If). The connected sources confirm the exact vulnerable component and code path, but there is no public detail on exploit status, impact scope, or available fixes i...

5.5CVSS5.6AI score0.00664EPSS
CVE
CVE
added 2025/06/19 6:0 p.m.31 views

CVE-2025-6272

Wasm3 v0.5.0 contains a vulnerability in the MarkSlotAllocated function in source/m3_compile.c that enables an out-of-bounds write. The issue is exploitable locally and has been disclosed publicly. Connected sources corroborate the basic details; one PT Security advisory suggests a temporary work...

4.8CVSS4AI score0.00188EPSS
CVE
CVE
added 2026/01/01 9:2 p.m.15 views

CVE-2025-15413

Summary: CVE-2025-15413 affects wasm3 up to 0.5.0, specifically the functions in the file m3_exec.h: op_SetSlot_i32 and op_CallIndirect. The vulnerability allows memory corruption via local manipulation of execution flow. What’s affected: wasm3 0.5.0 and earlier; code paths involved are the slot-...

7.8CVSS5AI score0.00175EPSS