Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
wasm3 m3_exec.h op_CallIndirect memory corruption
Vulnerability Description
A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function op_SetSlot_i32/op_CallIndirect of the file m3_exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used. Unfortunately, the project has no active maintainer at the moment.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Wasm3 缓冲区错误漏洞
Vulnerability Description
Wasm3是Wasm3开源的一个快速的WebAssembly解释器和最通用的WASM运行时。 wasm3 0.5.0及之前版本存在缓冲区错误漏洞,该漏洞源于文件m3_exec.h中op_SetSlot_i32/op_CallIndirect函数存在内存损坏,可能导致本地攻击。
CVSS Information
N/A
Vulnerability Type
N/A