Mobscenezo

#11010of 53,624
25Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2024-25769
6.2
2024-05-06
Bytecode Alliance · Wasm-Micro-Runtime · CVE-2024-34250
**Name of the Vulnerable Software and Affected Versions** Bytecode Alliance wasm-micro-runtime version 2.0.0 **Description** A heap buffer overflow issue was discovered, allowing a remote attacker to cause at least a denial of service via the `wasm loader check br` function in core/iwasm/interpreter/wasm loader.c. **Recommendations** For Bytecode Alliance wasm-micro-runtime version 2.0.0, as a temporary workaround, consider disabling the `wasm loader check br` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-25770
7.8
2024-04-23
Bytecode Alliance · Wasm-Micro-Runtime · CVE-2024-34251
**Name of the Vulnerable Software and Affected Versions** Bytecode Alliance wasm-micro-runtime version 2.0.0 **Description** An out-of-bound memory read issue was discovered, allowing a remote attacker to cause a denial of service via the `block type get arity` function in core/iwasm/interpreter/wasm.h. **Recommendations** For Bytecode Alliance wasm-micro-runtime version 2.0.0, consider disabling the `block type get arity` function as a temporary workaround until a patch is available.
PT-2023-29963
5.5
2023-10-23
Unknown · Webassembly Wabt · CVE-2023-46331
**Name of the Vulnerable Software and Affected Versions** WebAssembly wabt version 1.0.33 **Description** The issue is an Out-of-Bound Memory Read in the `DataSegment::IsValidRange()` function, which can lead to a segmentation fault. **Recommendations** For WebAssembly wabt version 1.0.33, consider disabling the `DataSegment::IsValidRange()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2023-29964
5.5
2023-10-23
Unknown · Webassembly Wabt · CVE-2023-46332
**Name of the Vulnerable Software and Affected Versions** WebAssembly wabt version 1.0.33 **Description** The issue is related to an Out-of-Bound Memory Write in the `DataSegment::Drop()` function, which can lead to a segmentation fault. **Recommendations** For WebAssembly wabt version 1.0.33, consider updating to a newer version that contains a fix for this issue, as the current version is affected by the Out-of-Bound Memory Write in `DataSegment::Drop()`. At the moment, there is no information about a newer version that contains a fix for this vulnerability.