bytecodealliance Summary
Latest vulnerabilities published by bytecodealliance
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
WebAssembly Runtime Vulnerability in Wasmtime by Bytecode Alliance
CVE-2025-53901BytecodeallianceWasmtime3.5LOWSymlink Following Vulnerability in WebAssembly Micro Runtime on Windows
CVE-2025-43853BytecodeallianceWasm-micro-runtime7HIGHPrivilege Escalation Vulnerability in Bytecode Alliance Wasm Micro Runtime
CVE-2024-25431BytecodeallianceWebassembly Micro Runtime7.8HIGHSpecial Device Filenames Bypass Sandbox in cap-std on Windows
CVE-2024-51756BytecodeallianceCap-stdPatch Releases Issued for Wasmtime to Address Sandbox Bypass Vulnerability
CVE-2024-51745BytecodeallianceWasmtimeMemory Management Flaw in WebAssembly Micro Runtime by Bytecode Alliance
CVE-2023-52284BytecodeallianceWebassembly Micro Runtime5.5MEDIUMHeap Overflow Vulnerability in Bytecode Alliance Wasm-Micro-Runtime
CVE-2023-48105BytecodeallianceWebassembly Micro Runtime7.5HIGHMiscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64
CVE-2023-41880BytecodeallianceWasmtime2.2LOWWasmtime has Undefined Behavior in Rust runtime functions
CVE-2023-30624BytecodeallianceWasmtime3.9LOWGuest-controlled out-of-bounds read/write on x86_64 in wasmtime
CVE-2023-26489BytecodeallianceWasmtime10CRITICALCode Generation Bug in Wasmtime Affects WebAssembly on x86_64 Platforms
CVE-2023-27477BytecodeallianceWasmtime3.1LOWWasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration
CVE-2022-39392BytecodeallianceWasmtime5.9MEDIUMWasmtime vulnerable to data leakage between instances in the pooling allocator
CVE-2022-39393BytecodeallianceWasmtime8.6HIGHwasmtime_trap_code C API function has out of bounds write vulnerability
CVE-2022-39394BytecodeallianceWasmtime3.8LOWCranelift vulnerable to miscompilation of constant values in division on AArch64
CVE-2022-31169BytecodeallianceWasmtime5.9MEDIUMUse After Free in Wasmtime
CVE-2022-31146BytecodeallianceWasmtime6.4MEDIUMMiscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime
CVE-2022-31104BytecodeallianceWasmtime4.8MEDIUMUse after free in Wasmtime
CVE-2022-24791BytecodeallianceWasmtime8.1HIGHInvalid drop of partially-initialized instances in wasmtime
CVE-2022-23636BytecodeallianceWasmtime5.1MEDIUMUse After Free in lucet
CVE-2021-43790BytecodeallianceLucet8.5HIGHOut-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
CVE-2021-39218BytecodeallianceWasmtime6.3MEDIUMWrong type for `Linker`-define functions when used across two `Engine`s
CVE-2021-39219BytecodeallianceWasmtime6.3MEDIUMUse after free passing `externref`s to Wasm in Wasmtime
CVE-2021-39216BytecodeallianceWasmtime6.3MEDIUMMemory access due to code generation flaw in Cranelift module
CVE-2021-32629BytecodeallianceWasmtime7.2HIGH
18 July 2025
15 May 2025
8 November 2024
5 November 2024
31 December 2023
22 November 2023
15 September 2023
27 April 2023
8 March 2023
10 November 2022
22 July 2022
21 July 2022
28 June 2022
31 March 2022
16 February 2022
30 November 2021
17 September 2021
24 May 2021
No more vulnerabilities to load.