6 vulnerabilities found for wasmi by wasmi-labs
FKIE_CVE-2025-66627
Vulnerability from fkie_nvd - Published: 2025-12-09 16:18 - Updated: 2025-12-10 21:16
Severity
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To work around this issue, consider limiting the maximum linear memory sizes where feasible.
References
| Source | URL | Tags |
|---|---|---|
| security-advisories@github.com | https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | * |
| wasmi-labs | wasmi | * |
| wasmi-labs | wasmi | * |
| wasmi-labs | wasmi | 1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wasmi-labs:wasmi:*:*:*:*:*:rust:*:*",
"matchCriteriaId": "DEC38241-42E1-416E-B258-4789ABCE4FAE",
"versionEndExcluding": "0.41.2",
"versionStartIncluding": "0.41.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wasmi-labs:wasmi:*:*:*:*:*:rust:*:*",
"matchCriteriaId": "1FF46E2B-0D1F-4875-8829-15A4B0F18337",
"versionEndExcluding": "0.47.1",
"versionStartIncluding": "0.47.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wasmi-labs:wasmi:*:*:*:*:*:rust:*:*",
"matchCriteriaId": "3DD06F35-DCE6-436A-82E6-8ABFB27F882A",
"versionEndExcluding": "0.51.3",
"versionStartIncluding": "0.51.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wasmi-labs:wasmi:1.0.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "0C5B18F1-7C31-4A15-8A6B-FA4C4F2E8E6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi\u0027s linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To workaround this issue, consider limiting the maximum linear memory sizes where feasible."
}
],
"id": "CVE-2025-66627",
"lastModified": "2025-12-10T21:16:04.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-12-09T16:18:21.910",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
FKIE_CVE-2024-28123
Vulnerability from fkie_nvd - Published: 2024-03-21 02:52 - Updated: 2025-06-02 14:06
Severity
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wasmi-labs:wasmi:*:*:*:*:*:rust:*:*",
"matchCriteriaId": "DAB41919-ADBF-4CC4-B289-F15B7F68460C",
"versionEndExcluding": "0.31.1",
"versionStartIncluding": "0.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn\u2019t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.\n"
},
{
"lang": "es",
"value": "Wasmi es un int\u00e9rprete de WebAssembly eficiente y liviano centrado en sistemas integrados y restringidos. En el int\u00e9rprete WASMI, surgir\u00e1 una escritura de b\u00fafer fuera de los l\u00edmites si el host llama o reanuda una funci\u00f3n Wasm con m\u00e1s par\u00e1metros que el l\u00edmite predeterminado (128), ya que superar\u00e1 el valor de la pila. Esto no afecta las llamadas de Wasm a Wasm, solo del host a Wasm. Esta vulnerabilidad fue parcheada en la versi\u00f3n 0.31.1."
}
],
"id": "CVE-2024-28123",
"lastModified": "2025-06-02T14:06:34.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-21T02:52:23.827",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-66627 (GCVE-0-2025-66627)
Vulnerability from nvd – Published: 2025-12-09 02:52 – Updated: 2025-12-09 15:21
Title
Wasmi's Linear Memory has a Critical Use After Free Vulnerability
Summary
Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To work around this issue, consider limiting the maximum linear memory sizes where feasible.
Severity
8.4 (High)
CWE
- CWE-416 - Use After Free
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | Affected: >= 0.41.0, < 0.41.2; Affected: >= 0.42.0, < 0.47.1; Affected: >= 0.50.0, < 0.51.3; Affected: >= 1.0.0, < 1.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T15:21:08.509833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T15:21:18.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.41.0, \u003c 0.41.2"
},
{
"status": "affected",
"version": "\u003e= 0.42.0, \u003c 0.47.1"
},
{
"status": "affected",
"version": "\u003e= 0.50.0, \u003c 0.51.3"
},
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi\u0027s linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To workaround this issue, consider limiting the maximum linear memory sizes where feasible."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T02:52:46.938Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq"
}
],
"source": {
"advisory": "GHSA-g4v2-cjqp-rfmq",
"discovery": "UNKNOWN"
},
"title": "Wasmi\u0027s Linear Memory has a Critical Use After Free Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66627",
"datePublished": "2025-12-09T02:52:46.938Z",
"dateReserved": "2025-12-05T15:42:44.715Z",
"dateUpdated": "2025-12-09T15:21:18.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28123 (GCVE-0-2024-28123)
Vulnerability from nvd – Published: 2024-03-08 21:29 – Updated: 2024-08-05 18:14
Title
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters
Summary
Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.
Severity
7.3 (High)
CWE
- CWE-787 - Out-of-bounds Write
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | Affected: >= 0.15.0, <= 0.31.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
},
{
"name": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"name": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wasmi-labs:wasmi:0.15.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"lessThanOrEqual": "0.31.0",
"status": "affected",
"version": "0.15.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T18:07:36.528954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T18:14:48.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.15.0, \u003c= 0.31.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn\u2019t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T21:29:53.555Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
},
{
"name": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"name": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
}
],
"source": {
"advisory": "GHSA-75jp-vq8x-h4cq",
"discovery": "UNKNOWN"
},
"title": "Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-28123",
"datePublished": "2024-03-08T21:29:53.555Z",
"dateReserved": "2024-03-04T14:19:14.060Z",
"dateUpdated": "2024-08-05T18:14:48.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-66627 (GCVE-0-2025-66627)
Vulnerability from cvelistv5 – Published: 2025-12-09 02:52 – Updated: 2025-12-09 15:21
Title
Wasmi's Linear Memory has a Critical Use After Free Vulnerability
Summary
Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To work around this issue, consider limiting the maximum linear memory sizes where feasible.
Severity
8.4 (High)
CWE
- CWE-416 - Use After Free
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | Affected: >= 0.41.0, < 0.41.2; Affected: >= 0.42.0, < 0.47.1; Affected: >= 0.50.0, < 0.51.3; Affected: >= 1.0.0, < 1.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T15:21:08.509833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T15:21:18.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.41.0, \u003c 0.41.2"
},
{
"status": "affected",
"version": "\u003e= 0.42.0, \u003c 0.47.1"
},
{
"status": "affected",
"version": "\u003e= 0.50.0, \u003c 0.51.3"
},
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi\u0027s linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To workaround this issue, consider limiting the maximum linear memory sizes where feasible."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T02:52:46.938Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq"
}
],
"source": {
"advisory": "GHSA-g4v2-cjqp-rfmq",
"discovery": "UNKNOWN"
},
"title": "Wasmi\u0027s Linear Memory has a Critical Use After Free Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66627",
"datePublished": "2025-12-09T02:52:46.938Z",
"dateReserved": "2025-12-05T15:42:44.715Z",
"dateUpdated": "2025-12-09T15:21:18.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28123 (GCVE-0-2024-28123)
Vulnerability from cvelistv5 – Published: 2024-03-08 21:29 – Updated: 2024-08-05 18:14
Title
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters
Summary
Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.
Severity
7.3 (High)
CWE
- CWE-787 - Out-of-bounds Write
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | Affected: >= 0.15.0, <= 0.31.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
},
{
"name": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"name": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wasmi-labs:wasmi:0.15.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"lessThanOrEqual": "0.31.0",
"status": "affected",
"version": "0.15.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T18:07:36.528954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T18:14:48.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.15.0, \u003c= 0.31.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn\u2019t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T21:29:53.555Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
},
{
"name": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"name": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
}
],
"source": {
"advisory": "GHSA-75jp-vq8x-h4cq",
"discovery": "UNKNOWN"
},
"title": "Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-28123",
"datePublished": "2024-03-08T21:29:53.555Z",
"dateReserved": "2024-03-04T14:19:14.060Z",
"dateUpdated": "2024-08-05T18:14:48.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}