RUSTSEC-2023-0093

Miscompilation of i8x16.select with the same inputs on x86_64

Reported

March 3, 2023

Issued

May 2, 2025

Package

wasmtime (crates.io)

Type

Vulnerability

Aliases

CVE-2023-27477
GHSA-xm67-587q-r2vw

References

https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xm67-587q-r2vw

CVSS Score

3.1 LOW

CVSS Details

Attack vector: Network
Attack complexity: High
Privileges required: Low
User interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Patched

>=4.0.1, <5.0.0
>=5.0.1, <6.0.0
>=6.0.1

Description

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xm67-587q-r2vw. For more information see the GitHub-hosted security advisory.

Advisory available under CC0-1.0 license.