Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo wasmtime Security Advisories

High

GSA_kwCzR0hTQS13aDZ3LTM4MjgtZzlxZs4AAv0W

Wasmtime may have data leakage between instances in the pooling allocator
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: 7 months ago

Moderate

GSA_kwCzR0hTQS03ZjZ4LWp3aDUtbTlyNM4AAtkN

Cranelift vulnerable to miscompilation of constant values in division on AArch64
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS1qcXdjLWM0OXItNHcyeM4AAtBw

Miscompilation of `i8x16.swizzle` and `select` with v128 inputs
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS1xODc5LTlnOTUtNTZteM0V3Q

Wrong type for `Linker`-define functions when used across two `Engine`s
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: over 1 year ago

Moderate

GSA_kwCzR0hTQS00ODczLTM2aDktd3Y0Oc0V3A

Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: over 1 year ago

Moderate

GSA_kwCzR0hTQS12NGNwLWg5NHItbTd4Zs0V2w

Use after free passing `externref`s to Wasm in Wasmtime
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: over 1 year ago

Moderate

GSA_kwCzR0hTQS01ZmhqLWczcDMtcHE5Z84AAtg8

Wasmtime vulnerable to Use After Free with `externref`s
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Published: 11 months ago

Low

GSA_kwCzR0hTQS1jaDg5LTVnNDUtcXdjN84AAy_z

Undefined Behavior in Rust runtime functions
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: about 1 month ago

High

GSA_kwCzR0hTQS1nd2M5LTM0OHgtcXd2Ms03ng

Use after free in Wasmtime
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: about 1 year ago

Moderate

GSA_kwCzR0hTQS04OHhxLXc4Y3EteGZnN80sbg

Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: over 1 year ago

Critical

GSA_kwCzR0hTQS1mZjRwLTd4cnEtcTVyOM4AAyAY

wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Published: 3 months ago

Low

GSA_kwCzR0hTQS14bTY3LTU4N3EtcjJ2d84AAyAX

wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Published: 3 months ago

Moderate

GSA_kwCzR0hTQS00NG1yLTh2bW0td2poZ84AAv0V

Wasmtime out of bounds read/write with zero-memory-pages configuration
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Published: 7 months ago

Filter by Severity

Moderate 5,145 High 4,556 Critical 2,099 Low 676

Filter by Ecosystem

maven 3,859 npm 3,126 pypi 2,605 packagist 1,696 go 1,243 nuget 939 rubygems 711 cargo 640 hex 21 actions 10 pub 5

Filter by Package