HistoryEdit

RUSTSEC-2021-0110

Multiple Vulnerabilities in Wasmtime

Issued
Package
wasmtime (crates.io)
Type
Vulnerability
Categories
Keywords
#use-after-free #out-of-bounds-read #out-of-bounds-write #Wasm #garbage-collection
Aliases
CVSS Score
6.3 MEDIUM
CVSS Details
Attack vector
Local
Attack complexity
High
Privileges required
Low
User interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Patched
  • >=0.30.0
Keywords
#use-after-free #out-of-bounds-read #out-of-bounds-write #Wasm #garbage-collection
Affected Functions
Version
wasmtime::Linker::func_new
  • <0.30.0
wasmtime::Linker::func_wrap
  • <0.30.0
wasmtime::Store::gc
  • <0.30.0

Description