Bytecodealliance Wasmtime vulnerabilities
42 known vulnerabilities affecting bytecodealliance/wasmtime.
Total CVEs
42
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL5HIGH16MEDIUM16LOW5
Vulnerabilities
Page 3 of 3
CVE-2024-47813P4LOWCVSS 2.9v19.0.0v19.0.1+18 more2024-10-09
CVE-2024-47813 [LOW] CWE-367 CVE-2024-47813: Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a `was
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a `wasmtime::Engine`'s internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular sequence of
ghsanvdosv
CVE-2025-64345P4LOWCVSS 1.8v>= 38.0.1, < 38.0.4v>= 37.0.0, < 37.0.3+2 more2025-11-12
CVE-2025-64345 [LOW] CWE-362 CVE-2025-64345: Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host (Rust) to the contents of the linear memory. This is not sound for shared linear memories, whic
ghsanvdosv
← Previous3 / 3