RUSTSEC-2024-0441

Panic when using a dropped extenref-typed element segment

Reported

April 2, 2024

Issued

May 2, 2025

Package

wasmtime (crates.io)

Type

Vulnerability

Aliases

CVE-2024-30266
GHSA-75hq-h6g9-h4q5

References

https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-75hq-h6g9-h4q5

CVSS Score

3.3 LOW

CVSS Details

Attack vector: Local
Attack complexity: Low
Privileges required: Low
User interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: Low

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Patched

>=19.0.1

Unaffected

<19.0.0

Description

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-75hq-h6g9-h4q5. For more information see the GitHub-hosted security advisory.

Advisory available under CC0-1.0 license.