Vulnerabilities > Bytecodealliance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-52284 | Double Free vulnerability in Bytecodealliance Webassembly Micro Runtime 1.2.3 Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled. | 5.5 |
| 2023-09-15 | CVE-2023-41880 | Off-by-one Error vulnerability in Bytecodealliance Wasmtime Wasmtime is a standalone runtime for WebAssembly. | 5.3 |
| 2023-03-08 | CVE-2023-27477 | Off-by-one Error vulnerability in Bytecodealliance Cranelift-Codegen and Wasmtime wasmtime is a fast and secure runtime for WebAssembly. | 4.3 |
| 2022-06-28 | CVE-2022-31104 | Incorrect Calculation vulnerability in Bytecodealliance Cranelift-Codegen and Wasmtime Wasmtime is a standalone runtime for WebAssembly. | 6.8 |
| 2022-03-31 | CVE-2022-24791 | Use After Free vulnerability in Bytecodealliance Wasmtime Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. | 6.8 |
| 2021-11-30 | CVE-2021-43790 | Use After Free vulnerability in Bytecodealliance Lucet Lucet is a native WebAssembly compiler and runtime. | 6.8 |
| 2021-09-17 | CVE-2021-39218 | Free of Memory not on the Heap vulnerability in multiple products Wasmtime is an open source runtime for WebAssembly & WASI. | 6.3 |
| 2021-09-17 | CVE-2021-39216 | Use After Free vulnerability in multiple products Wasmtime is an open source runtime for WebAssembly & WASI. | 6.3 |
| 2021-09-17 | CVE-2021-39219 | Type Confusion vulnerability in multiple products Wasmtime is an open source runtime for WebAssembly & WASI. | 6.3 |