Vulnerabilities > Webassembly

DATE CVE VULNERABILITY TITLE RISK
2022-10-28 CVE-2022-43280 Out-of-bounds Read vulnerability in Webassembly Wabt 1.0.29
wasm-interp v1.0.29 was discovered to contain an out-of-bounds read via the component OnReturnCallExpr->GetReturnCallDropKeepCount.
local
low complexity
webassembly CWE-125
7.1
2022-10-28 CVE-2022-43281 Out-of-bounds Write vulnerability in Webassembly Wasm 1.0.29
wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h.
local
low complexity
webassembly CWE-787
7.8
2022-10-28 CVE-2022-43282 Out-of-bounds Read vulnerability in Webassembly Wabt 1.0.29
wasm-interp v1.0.29 was discovered to contain an out-of-bounds read via the component OnReturnCallIndirectExpr->GetReturnCallDropKeepCount.
local
low complexity
webassembly CWE-125
7.1
2022-10-28 CVE-2022-43283 Unrestricted Upload of File with Dangerous Type vulnerability in Webassembly Wabt 1.0.29
wasm2c v1.0.29 was discovered to contain an abort in CWriter::Write.
local
low complexity
webassembly CWE-434
5.5
2022-01-10 CVE-2021-46048 Reachable Assertion vulnerability in Webassembly Binaryen 104
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.
4.3
2022-01-10 CVE-2021-46050 Allocation of Resources Without Limits or Throttling vulnerability in Webassembly Binaryen 103
A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function.
local
low complexity
webassembly CWE-770
5.5
2022-01-10 CVE-2021-46052 Reachable Assertion vulnerability in Webassembly Binaryen 104
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate.
4.3
2022-01-10 CVE-2021-46053 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Binaryen 103
A Denial of Service vulnerability exists in Binaryen 103.
4.3
2022-01-10 CVE-2021-46054 Reachable Assertion vulnerability in Webassembly Binaryen 104
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).
4.3
2022-01-10 CVE-2021-46055 Reachable Assertion vulnerability in Webassembly Binaryen 104
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).
4.3