Component Model Bug in Wasmtime Affects Multiple Versions
CVE-2025-62711
2.1LOW
What is CVE-2025-62711?
A vulnerability exists in WebAssembly runtime Wasmtime, specifically in versions 38.0.0 to before 38.0.3. A bug in the implementation of component-model related host-to-Wasm trampolines allows for the crafting of components which, when invoked in a particular manner, can lead to a segmentation fault or assertion failure within the host environment. This issue has been addressed in Wasmtime version 38.0.3, which includes a patch for the identified fault, and no immediate workarounds are available.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
wasmtime >= 38.0.0, < 38.0.3
References
CVSS V4
Score:
2.1
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved