Vulnerabilities > Bytecodealliance > Webassembly Micro Runtime
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-52284 | Double Free vulnerability in Bytecodealliance Webassembly Micro Runtime 1.2.3 Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled. | 5.5 |
| 2023-11-22 | CVE-2023-48105 | Out-of-bounds Write vulnerability in Bytecodealliance Webassembly Micro Runtime 1.2.3 An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasm_loader_prepare_bytecode function in core/iwasm/interpreter/wasm_loader.c. | 7.5 |