HistoryEditJSON (OSV)

RUSTSEC-2024-0439

Race condition could lead to WebAssembly control-flow integrity and type safety violations

Reported
Issued
Package
wasmtime (crates.io)
Type
Vulnerability
Aliases
References
CVSS Score
2.9 LOW
CVSS Details
Attack vector
Local
Attack complexity
High
Privileges required
High
User interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L
Patched
  • >=21.0.2, <22.0.0
  • >=22.0.1, <23.0.0
  • >=23.0.3, <24.0.0
  • >=24.0.1, <25.0.0
  • >=25.0.2
Unaffected
  • <19.0.0

Description

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7qmx-3fpx-r45m. For more information see the GitHub-hosted security advisory.

Advisory available under CC0-1.0 license.