Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
cargo wasmtime Security Advisories
Browse all Security Advisories for cargo wasmtime
Loading...
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
GSA_kwCzR0hTQS1jMmY1LWp4anYtMmhoOM4ABBAa
Wasmtime doesn't fully sandbox all the Windows device filenamesEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 1 month ago
GSA_kwCzR0hTQS03cW14LTNmcHgtcjQ1bc4ABAI_
Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violationsEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 1 month ago
Moderate
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: about 1 month ago
GSA_kwCzR0hTQS1xOGh4LW1tOTItNHd2Z84ABAI-
wasmtime has a runtime crash when combining tail calls with trapping importsEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: about 1 month ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 8 months ago
GSA_kwCzR0hTQS03NWhxLWg2ZzktaDRxNc4AA6jC
Wasmtime vulnerable to panic when using a dropped extenref-typed element segmentEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 8 months ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 10 months ago
GSA_kwCzR0hTQS1oODRxLW04cnItM3Y5cc4AA4-6
wasmtime_trap_code C API function has out of bounds write vulnerabilityEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 10 months ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 1 year ago
GSA_kwCzR0hTQS1ndzVwLXE4bWotcDdnaM4AA14F
Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 1 year ago
GSA_kwCzR0hTQS1jaDg5LTVnNDUtcXdjN84AAy_z
Undefined Behavior in Rust runtime functionsEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: over 1 year ago
GSA_kwCzR0hTQS1mZjRwLTd4cnEtcTVyOM4AAyAY
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 1 year ago
GSA_kwCzR0hTQS14bTY3LTU4N3EtcjJ2d84AAyAX
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 1 year ago
High
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: about 2 years ago
GSA_kwCzR0hTQS13aDZ3LTM4MjgtZzlxZs4AAv0W
Wasmtime may have data leakage between instances in the pooling allocatorEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: about 2 years ago
Moderate
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 2 years ago
GSA_kwCzR0hTQS00NG1yLTh2bW0td2poZ84AAv0V
Wasmtime out of bounds read/write with zero-memory-pages configurationEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 2 years ago
Moderate
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
GSA_kwCzR0hTQS03ZjZ4LWp3aDUtbTlyNM4AAtkN
Cranelift vulnerable to miscompilation of constant values in division on AArch64Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: over 2 years ago
GSA_kwCzR0hTQS01ZmhqLWczcDMtcHE5Z84AAtg8
Wasmtime vulnerable to Use After Free with `externref`sEcosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: over 2 years ago
GSA_kwCzR0hTQS1qcXdjLWM0OXItNHcyeM4AAtBw
Miscompilation of `i8x16.swizzle` and `select` with v128 inputsEcosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: over 2 years ago
High
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 2 years ago
GSA_kwCzR0hTQS1nd2M5LTM0OHgtcXd2Ms03ng
Use after free in WasmtimeEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: almost 3 years ago
GSA_kwCzR0hTQS04OHhxLXc4Y3EteGZnN80sbg
Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globalsEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: almost 3 years ago
Moderate
Ecosystems: pypi, cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 3 years ago
GSA_kwCzR0hTQS1xODc5LTlnOTUtNTZteM0V3Q
Wrong type for `Linker`-define functions when used across two `Engine`sEcosystems: pypi, cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 3 years ago
Moderate
Ecosystems: pypi, cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 3 years ago
GSA_kwCzR0hTQS00ODczLTM2aDktd3Y0Oc0V3A
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in WasmtimeEcosystems: pypi, cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 3 years ago
Moderate
Ecosystems: pypi, cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 3 years ago
GSA_kwCzR0hTQS12NGNwLWg5NHItbTd4Zs0V2w
Use after free passing `externref`s to Wasm in WasmtimeEcosystems: pypi, cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 3 years ago
High
Ecosystems: pypi, cargo
Packages: wasmtime, cranelift-codegen
Source: GitHub Advisory Database
Blast Radius: 36.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwcWgtMndxeC03cXA1
Memory access due to code generation flaw in Cranelift moduleEcosystems: pypi, cargo
Packages: wasmtime, cranelift-codegen
Source: GitHub Advisory Database
Blast Radius: 36.1
Published: about 3 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 1
Ecosystems: 12
Packages: 9,040
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
openssl-src
26
ckb
22
wasmtime
19
rusqlite
16
deno
13
surrealdb
12
openssl
8
hyper
7
libpulse-binding
7
sized-chunks
6
smallvec
6
apollo-router
6
Simple-Wayland-HotKey-Daemon
6
cargo
6
cranelift-codegen
6
tauri
5
lock_api
5
xcb
5
bottlerocket/update-operator
5
messagepack-rs
5
comrak
5
raw-cpuid
4
tremor-script
4
actix-web
4
evm
4
pleaser
4
gitoxide
4
surrealdb-core
4
wasmtime
4
tokio
4
deno_runtime
4
routinator
3
s2n-tls
3
crossbeam
3
nanorand
3
arr
3
ntpd
3
gix-path
3
anoncreds-clsignatures
3
ursa
3
pywasm3
3
wasm3
3
gix
3
solana_rbpf
3
ammonia
3
fltk
3
slice-deque
3
cgc
3
acc_reader
3
flatbuffers
3
id-map
3
grin
3
s2n-quic
3
russh
3
gitoxide-core
3
h2
3
matrix-sdk-crypto
3
tough
3
crossbeam-channel
3
apache-avro
3
pallet-ethereum
3
arrow
3
quiche
3
molecule
2
tower-http
2
parc
2
rand_core
2
svix
2
ncurses
2
syncpool
2
async-h1
2
phonenumber
2
flumedb
2
arenavec
2
sequoia-openpgp
2
futures-task
2
net2
2
lru
2
abomonation
2
quinn-proto
2
vodozemac
2
simple_asn1
2
crypto2
2
zerocopy
2
gix-transport
2
traitobject
2
nano-id
2
mio
2
tectonic_xdv
2
ash
2
vm-memory
2
array-macro
2
libgit2-sys
2
mopa
2
rocket
2
cache
2
reorder
2
multiqueue
2
sodiumoxide
2
sha2
2
ordnung
2
ozone
2
Deno
2
arti
2
spin
2
memoffset
2
tor-circmgr
2
trust-dns-server
2
cocoon
2
biscuit-auth
2
abi_stable
2
generator
2
toodee
2
derive-com-impl
2
coreos-installer
2
github.com/CosmWasm/wasmvm
2
gix-worktree-state
2
lettre
2
pallet-evm-precompile-modexp
2
rust-embed
2
bite
2
hyper-staticfile
2
crayon
2
metrics-util
2
opcua
2
rdiff
2
gfx-auxil
2
binjs_io
2
pnet
2
internment
2
simple-slab
2
v9
2
diesel
2
rsa
2
signal-simple
2
ticketed_lock
2
tiny_future
2
evm-core
2
columnar
2
slock
2
rulex
2
pyo3
2
nix
2
csv-sniffer
2
buffoon
2
bumpalo
2
streebog
2
http
2
bronzedb-protocol
2
libsecp256k1
2
futures-util
2
oqs
2
async-graphql
2
slack-morphism
2
actix-http
2
stack_dst
2
gix-index
2
failure
2
cosmwasm-vm
2
libp2p-core
2
vec-const
2
inventory
2
gix-worktree
2
tar
2
image
2
rgb
1
os_str_bytes
1
nano_arena
1
once_cell
1
serde_cbor
1
@tauri-apps/cli
1
atom
1
ed25519-dalek
1
rustix
1
odoh-rs
1
serde-json-wasm
1
linked_list_allocator
1
lz4-sys
1
cookie
1
orion
1
simd-json
1
tiny_http
1
ouroboros
1
parse_duration
1
xml-rs
1
endian_trait
1
totp-rs
1
string-interner
1
safe-transmute
1
serde_yaml
1
scratchpad
1
protobuf
1
pubnub/pubnub
1
pubnub
1
pubnub
1
Pubnub
1
github.com/pubnub/go/v5
1
github.com/pubnub/go/v6
1
github.com/pubnub/go
1
github.com/pubnub/go/v7
1
Filter by Repository