Vulnerabilities > CVE-2022-43281 - Out-of-bounds Write vulnerability in Webassembly Wasm 1.0.29

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

webassembly

CWE-787

NVD

Published: 2022-10-28

Updated: 2022-11-01

Summary

wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h.

Vulnerable Configurations

Part	Description	Count
Application	Webassembly Webassembly Wasm 1.0.29	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/WebAssembly/wabt/issues/1981