PT-2025-43676 · Wasmtime · Wasmtime
Published
2025-07-18
·
Updated
2025-10-29
·
CVE-2025-62711
CVSS v3.1
3.1
Low
| Vector | AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Wasmtime versions 38.0.0 through 38.0.2
Description
Wasmtime is a runtime for WebAssembly. Versions from 38.0.0 through 38.0.2 contain a flaw in the implementation of component-model related host-to-wasm trampolines. Specifically, a carefully crafted component, when called in a specific way, can cause the host to crash with a segmentation fault or assertion failure.
Recommendations
Update to version 38.0.3 or later.
Exploit
Fix
Improper Handling of Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wasmtime