Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Wasmtime vulnerable to segfault when using component resources
Vulnerability Description
Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to before 38.0.3, the implementation of component-model related host-to-wasm trampolines in Wasmtime contained a bug where it's possible to carefully craft a component, which when called in a specific way, would crash the host with a segfault or assert failure. Wasmtime 38.0.3 has been released and is patched to fix this issue. There are no workarounds.
CVSS Information
N/A
Vulnerability Type
对异常条件的处理不恰当
Vulnerability Title
wasmtime 安全漏洞
Vulnerability Description
wasmtime是Bytecode Alliance开源的一个轻量级WebAssembly运行时。 Wasmtime 38.0.0版本至38.0.3之前版本存在安全漏洞,该漏洞源于组件模型相关的主机到wasm跳板实现存在缺陷,可能导致段错误或断言失败。
CVSS Information
N/A
Vulnerability Type
N/A