Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1mbXE2LTR3NTctMnczds4ABBGc

wasm3 uncontrolled memory allocation vulnerability

wasm3 at commit 139076a contains a memory leak in the Read_utf8 function.

Permalink: https://github.com/advisories/GHSA-fmq6-4w57-2w3v
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1mbXE2LTR3NTctMnczds4ABBGc
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 12 days ago
Updated: 2 days ago


CVSS Score: 8.4
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Identifiers: GHSA-fmq6-4w57-2w3v, CVE-2024-27529
References: Repository: https://github.com/wasm3/wasm3
Blast Radius: 8.6

Affected Packages

cargo:wasm3
Dependent packages: 5
Dependent repositories: 4
Downloads: 20,855 total
Affected Version Ranges: <= 0.3.1
No known fixed version
All affected versions: 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.3.0, 0.3.1
pypi:pywasm3
Dependent packages: 0
Dependent repositories: 2
Downloads: 158 last month
Affected Version Ranges: <= 0.5.0
No known fixed version
All affected versions: 0.0.1, 0.0.2, 0.4.8, 0.4.9, 0.5.0
swift:github.com/shareup/wasm-interpreter-apple
Affected Version Ranges: <= 0.8.1
No known fixed version