Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo wasmtime Security Advisories

Loading...
Low
GSA_kwCzR0hTQS03NWhxLWg2ZzktaDRxNc4AA6jC
Wasmtime vulnerable to panic when using a dropped extenref-typed element segment
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 4 months ago
Low
GSA_kwCzR0hTQS1oODRxLW04cnItM3Y5cc4AA4-6
wasmtime_trap_code C API function has out of bounds write vulnerability
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 6 months ago
Low
GSA_kwCzR0hTQS1ndzVwLXE4bWotcDdnaM4AA14F
Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 11 months ago
Low
GSA_kwCzR0hTQS1jaDg5LTVnNDUtcXdjN84AAy_z
Undefined Behavior in Rust runtime functions
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1mZjRwLTd4cnEtcTVyOM4AAyAY
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: over 1 year ago
Low
GSA_kwCzR0hTQS14bTY3LTU4N3EtcjJ2d84AAyAX
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 1 year ago
High
GSA_kwCzR0hTQS13aDZ3LTM4MjgtZzlxZs4AAv0W
Wasmtime may have data leakage between instances in the pooling allocator
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00NG1yLTh2bW0td2poZ84AAv0V
Wasmtime out of bounds read/write with zero-memory-pages configuration
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03ZjZ4LWp3aDUtbTlyNM4AAtkN
Cranelift vulnerable to miscompilation of constant values in division on AArch64
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01ZmhqLWczcDMtcHE5Z84AAtg8
Wasmtime vulnerable to Use After Free with `externref`s
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qcXdjLWM0OXItNHcyeM4AAtBw
Miscompilation of `i8x16.swizzle` and `select` with v128 inputs
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nd2M5LTM0OHgtcXd2Ms03ng
Use after free in Wasmtime
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS04OHhxLXc4Y3EteGZnN80sbg
Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1xODc5LTlnOTUtNTZteM0V3Q
Wrong type for `Linker`-define functions when used across two `Engine`s
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS00ODczLTM2aDktd3Y0Oc0V3A
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS12NGNwLWg5NHItbTd4Zs0V2w
Use after free passing `externref`s to Wasm in Wasmtime
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: almost 3 years ago
Statistics
Advisories: 19,584
Packages: 8,642
Repositories: 1
Ecosystems: 12
Filter by Severity
Moderate 8,559 High 6,707 Critical 2,930 Low 1,073
Filter by Ecosystem
maven 5,662 packagist 4,372 pypi 4,006 npm 3,637 go 2,075 nuget 1,467 rubygems 827 cargo 824 swift 31 hex 30 actions 16 pub 8
Filter by Package
openssl-src 26 ckb 22 rusqlite 16 wasmtime 16 deno 13 surrealdb 9 openssl 8 hyper 7 libpulse-binding 7 sized-chunks 6 Simple-Wayland-HotKey-Daemon 6 cranelift-codegen 6 smallvec 6 xcb 5 messagepack-rs 5 tauri 5 bottlerocket/update-operator 5 lock_api 5 cargo 5 comrak 5 frontier 5 raw-cpuid 4 tokio 4 deno_runtime 4 evm 4 apollo-router 4 tremor-script 4 actix-web 4 pleaser 4 ammonia 3 arrow 3 nanorand 3 slice-deque 3 fltk 3 solana_rbpf 3 id-map 3 h2 3 arr 3 grin 3 ntpd 3 apache-avro 3 s2n-quic 3 crossbeam 3 gitoxide 3 ursa 3 gix 3 anoncreds-clsignatures 3 matrix-sdk-crypto 3 flatbuffers 3 quiche 3 routinator 3 tough 3 crossbeam-channel 3 cgc 3 acc_reader 3 vodozemac 2 v9 2 simple-slab 2 internment 2 ticketed_lock 2 phonenumber 2 signal-simple 2 tiny_future 2 pywasm3 2 zerocopy 2 mopa 2 flumedb 2 tar 2 http 2 inventory 2 binjs_io 2 bite 2 gfx-auxil 2 futures-util 2 lru 2 libp2p-core 2 tor-circmgr 2 ozone 2 crayon 2 arenavec 2 spin 2 traitobject 2 csv-sniffer 2 opcua 2 parc 2 derive-com-impl 2 abi_stable 2 memoffset 2 Deno 2 ordnung 2 vm-memory 2 reorder 2 rocket 2 libgit2-sys 2 multiqueue 2 metrics-util 2 wasm3 2 rsa 2 hyper-staticfile 2 gix-worktree-state 2 gix-worktree 2 gitoxide-core 2 gix-index 2 rdiff 2 bronzedb-protocol 2 buffoon 2 russh 2 rust-embed 2 rulex 2 failure 2 cache 2 streebog 2 bumpalo 2 arti 2 molecule 2 array-macro 2 abomonation 2 sodiumoxide 2 nano-id 2 oqs 2 syncpool 2 actix-http 2 crypto2 2 generator 2 libsecp256k1 2 slack-morphism 2 mio 2 slock 2 columnar 2 toodee 2 sha2 2 ash 2 tectonic_xdv 2 simple_asn1 2 async-h1 2 coreos-installer 2 rand_core 2 image 2 ncurses 2 futures-task 2 sequoia-openpgp 2 tower-http 2 gix-transport 2 pnet 2 vec-const 2 evm-core 2 stack_dst 2 net2 2 svix 2 lettre 2 trust-dns-server 2 nix 2 electron 1 SkiaSharp 1 github.com/chai2010/webp 1 snow 1 libdav1d-sys 1 libwebp-sys 1 Pillow 1 serde_yaml 1 safe-transmute 1 libwebp-sys2 1 actix-utils 1 string-interner 1 diesel 1 bam 1 iced-x86 1 totp-rs 1 blurhash 1 trillium-client 1 wasmi 1 pancurses 1 beef 1 cassandra-cpp 1 whoami 1 async-coap 1 transpose 1 bigint 1 rgb 1 aliyundrive-webdav 1 serde_v8 1 magick.net-q8-x64 1 magick.net-q8-openmp-x64 1 protobuf 1 magick.net-q8-anycpu 1 magick.net-q16-x64 1 scratchpad 1 magick.net-q16-hdri-anycpu 1 magick.net-q16-anycpu 1 lzf 1 simd-json 1 orion 1 cookie 1 lz4-sys 1 cyfs-base 1 linked_list_allocator 1 tungstenite 1 rustls-webpki 1 vmm-sys-util 1 stellar-strkey 1
Filter by Repository
https://github.com/bytecodealliance/wasmtime 16