Vulnerabilities > Bytecodealliance > Webassembly Micro Runtime
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-08 | CVE-2024-25431 | Out-of-bounds Read vulnerability in Bytecodealliance Webassembly Micro Runtime An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility function. | 7.8 |
| 2023-12-31 | CVE-2023-52284 | Double Free vulnerability in Bytecodealliance Webassembly Micro Runtime Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled. | 5.5 |
| 2023-11-22 | CVE-2023-48105 | Out-of-bounds Write vulnerability in Bytecodealliance Webassembly Micro Runtime 1.2.3 An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasm_loader_prepare_bytecode function in core/iwasm/interpreter/wasm_loader.c. | 7.5 |