bytecodealliance Summary
Latest vulnerabilities published by bytecodealliance
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Memory Leak Vulnerabilities in Wasmtime Runtime for WebAssembly
CVE-2025-61670BytecodeallianceWasmtime1LOWWebAssembly Micro Runtime Vulnerability in LLVM-JIT Mode by ByteCode Alliance
CVE-2025-58749BytecodeallianceWasm-micro-runtime2.1LOWWebAssembly Micro Runtime Vulnerability in WAMR's iwasm Package
CVE-2025-54126BytecodeallianceWasm-micro-runtime6.9MEDIUMWebAssembly Runtime Vulnerability in Wasmtime by Bytecode Alliance
CVE-2025-53901BytecodeallianceWasmtime3.5LOWSymlink Following Vulnerability in WebAssembly Micro Runtime on Windows
CVE-2025-43853BytecodeallianceWasm-micro-runtime7HIGHPrivilege Escalation Vulnerability in Bytecode Alliance Wasm Micro Runtime
CVE-2024-25431BytecodeallianceWebassembly Micro Runtime7.8HIGHSpecial Device Filenames Bypass Sandbox in cap-std on Windows
CVE-2024-51756BytecodeallianceCap-stdPatch Releases Issued for Wasmtime to Address Sandbox Bypass Vulnerability
CVE-2024-51745BytecodeallianceWasmtimeMemory Management Flaw in WebAssembly Micro Runtime by Bytecode Alliance
CVE-2023-52284BytecodeallianceWebassembly Micro Runtime5.5MEDIUMHeap Overflow Vulnerability in Bytecode Alliance Wasm-Micro-Runtime
CVE-2023-48105BytecodeallianceWebassembly Micro Runtime7.5HIGHMiscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64
CVE-2023-41880BytecodeallianceWasmtime2.2LOWWasmtime has Undefined Behavior in Rust runtime functions
CVE-2023-30624BytecodeallianceWasmtime3.9LOWGuest-controlled out-of-bounds read/write on x86_64 in wasmtime
CVE-2023-26489BytecodeallianceWasmtime10CRITICALCode Generation Bug in Wasmtime Affects WebAssembly on x86_64 Platforms
CVE-2023-27477BytecodeallianceWasmtime3.1LOWWasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration
CVE-2022-39392BytecodeallianceWasmtime5.9MEDIUMWasmtime vulnerable to data leakage between instances in the pooling allocator
CVE-2022-39393BytecodeallianceWasmtime8.6HIGHwasmtime_trap_code C API function has out of bounds write vulnerability
CVE-2022-39394BytecodeallianceWasmtime3.8LOWCranelift vulnerable to miscompilation of constant values in division on AArch64
CVE-2022-31169BytecodeallianceWasmtime5.9MEDIUMUse After Free in Wasmtime
CVE-2022-31146BytecodeallianceWasmtime6.4MEDIUMMiscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime
CVE-2022-31104BytecodeallianceWasmtime4.8MEDIUMUse after free in Wasmtime
CVE-2022-24791BytecodeallianceWasmtime8.1HIGHInvalid drop of partially-initialized instances in wasmtime
CVE-2022-23636BytecodeallianceWasmtime5.1MEDIUMUse After Free in lucet
CVE-2021-43790BytecodeallianceLucet8.5HIGHOut-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
CVE-2021-39218BytecodeallianceWasmtime6.3MEDIUMWrong type for `Linker`-define functions when used across two `Engine`s
CVE-2021-39219BytecodeallianceWasmtime6.3MEDIUM