| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-51745 | Wasmtime doesn't fully sandbox all the Windows device filenames | bytecodealliance | wasmtime | - | - | 2024-11-05 21:09:44 | Deep Dive |
| CVE-2024-47813 | Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations | bytecodealliance | wasmtime | Low | 2.9 | 2024-10-09 18:07:50 | Deep Dive |
| CVE-2024-47763 | Wasmtime runtime crash when combining tail calls with trapping imports | bytecodealliance | wasmtime | Medium | 5.5 | 2024-10-09 18:03:34 | Deep Dive |
| CVE-2024-30266 | Wasmtime vulnerable to panic when using a dropped extenref-typed element segment | bytecodealliance | wasmtime | Low | 3.3 | 2024-04-04 15:42:00 | Deep Dive |
| CVE-2023-41880 | Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64 | bytecodealliance | wasmtime | Low | 2.2 | 2023-09-15 19:43:42 | Deep Dive |
| CVE-2023-30624 | Wasmtime has Undefined Behavior in Rust runtime functions | bytecodealliance | wasmtime | Low | 3.9 | 2023-04-27 16:56:50 | Deep Dive |
| CVE-2023-26489 | Guest-controlled out-of-bounds read/write on x86_64 in wasmtime | bytecodealliance | wasmtime | Critical | 9.9 | 2023-03-08 19:59:57 | Deep Dive |
| CVE-2023-27477 | Wasmtime 安全漏洞 | bytecodealliance | wasmtime | Low | 3.1 | 2023-03-08 00:00:00 | Deep Dive |
| CVE-2022-39393 | Wasmtime vulnerable to data leakage between instances in the pooling allocator | bytecodealliance | wasmtime | High | 8.6 | 2022-11-10 00:00:00 | Deep Dive |
| CVE-2022-39392 | Wasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration | bytecodealliance | wasmtime | Medium | 5.9 | 2022-11-10 00:00:00 | Deep Dive |
| CVE-2022-39394 | wasmtime_trap_code C API function has out of bounds write vulnerability | bytecodealliance | wasmtime | Low | 3.8 | 2022-11-10 00:00:00 | Deep Dive |
| CVE-2022-31169 | Cranelift vulnerable to miscompilation of constant values in division on AArch64 | bytecodealliance | wasmtime | Medium | 5.9 | 2022-07-21 13:50:11 | Deep Dive |
| CVE-2022-31146 | Use After Free in Wasmtime | bytecodealliance | wasmtime | Medium | 6.4 | 2022-07-20 22:30:16 | Deep Dive |
| CVE-2022-31104 | Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime | bytecodealliance | wasmtime | Medium | 4.8 | 2022-06-27 23:20:13 | Deep Dive |
| CVE-2022-24791 | Use after free in Wasmtime | bytecodealliance | wasmtime | High | 8.1 | 2022-03-31 23:00:15 | Deep Dive |
| CVE-2022-23636 | Invalid drop of partially-initialized instances in wasmtime | bytecodealliance | wasmtime | Medium | 5.1 | 2022-02-16 22:00:10 | Deep Dive |
| CVE-2021-39218 | Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime | bytecodealliance | wasmtime | Medium | 6.3 | 2021-09-17 20:10:19 | Deep Dive |
| CVE-2021-39219 | Wrong type for `Linker`-define functions when used across two `Engine`s | bytecodealliance | wasmtime | Medium | 6.3 | 2021-09-17 20:10:13 | Deep Dive |
| CVE-2021-39216 | Use after free passing `externref`s to Wasm in Wasmtime | bytecodealliance | wasmtime | Medium | 6.3 | 2021-09-17 20:05:11 | Deep Dive |
| CVE-2021-32629 | Memory access due to code generation flaw in Cranelift module | bytecodealliance | wasmtime | High | 7.2 | 2021-05-24 15:35:11 | Deep Dive |