2 vulnerabilities by wasmi-labs
CVE-2025-66627 (GCVE-0-2025-66627)
Vulnerability from cvelistv5 – Published: 2025-12-09 02:52 – Updated: 2025-12-09 15:21
Title
Wasmi's Linear Memory has a Critical Use After Free Vulnerability
Summary
Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. (Note: this description names 0.47.1 both as an affected and as a fixed version, while the structured affected range in this record is `>= 0.42.0, < 0.47.1`; confirm the fixed release for that line against the vendor advisory.) To work around this issue, consider limiting the maximum linear memory sizes where feasible.
Severity ?
8.4 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags |
|---|---|
| https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | Affected: >= 0.41.0, < 0.41.2; Affected: >= 0.42.0, < 0.47.1; Affected: >= 0.50.0, < 0.51.3; Affected: >= 1.0.0, < 1.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T15:21:08.509833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T15:21:18.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.41.0, \u003c 0.41.2"
},
{
"status": "affected",
"version": "\u003e= 0.42.0, \u003c 0.47.1"
},
{
"status": "affected",
"version": "\u003e= 0.50.0, \u003c 0.51.3"
},
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi\u0027s linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory growth conditions. This issue potentially leads to memory corruption, information disclosure, or code execution. This issue is fixed in versions 0.41.2, 0.47.1, 0.51.3 and 1.0.1. To workaround this issue, consider limiting the maximum linear memory sizes where feasible."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T02:52:46.938Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-g4v2-cjqp-rfmq"
}
],
"source": {
"advisory": "GHSA-g4v2-cjqp-rfmq",
"discovery": "UNKNOWN"
},
"title": "Wasmi\u0027s Linear Memory has a Critical Use After Free Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66627",
"datePublished": "2025-12-09T02:52:46.938Z",
"dateReserved": "2025-12-05T15:42:44.715Z",
"dateUpdated": "2025-12-09T15:21:18.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28123 (GCVE-0-2024-28123)
Vulnerability from cvelistv5 – Published: 2024-03-08 21:29 – Updated: 2024-08-05 18:14
Title
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters
Summary
Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.
Severity ?
7.3 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
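| URL | Tags |
|---|---|
| https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq | x_refsource_CONFIRM |
| https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f | x_refsource_MISC |
| https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1 | x_refsource_MISC |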
Impacted products
| Vendor | Product | Version |
|---|---|---|
| wasmi-labs | wasmi | Affected: >= 0.15.0, <= 0.31.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
},
{
"name": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"name": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wasmi-labs:wasmi:0.15.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"lessThanOrEqual": "0.31.0",
"status": "affected",
"version": "0.15.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T18:07:36.528954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T18:14:48.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "wasmi",
"vendor": "wasmi-labs",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.15.0, \u003c= 0.31.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit (128), as it will surpass the stack value. This doesn\u2019t affect calls from Wasm to Wasm, only from host to Wasm. This vulnerability was patched in version 0.31.1.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-08T21:29:53.555Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wasmi-labs/wasmi/security/advisories/GHSA-75jp-vq8x-h4cq"
},
{
"name": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wasmi-labs/wasmi/commit/f7b3200e9f3dc9e2cbca966cb255c228453c792f"
},
{
"name": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wasmi-labs/wasmi/releases/tag/v0.31.1"
}
],
"source": {
"advisory": "GHSA-75jp-vq8x-h4cq",
"discovery": "UNKNOWN"
},
"title": "Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-28123",
"datePublished": "2024-03-08T21:29:53.555Z",
"dateReserved": "2024-03-04T14:19:14.060Z",
"dateUpdated": "2024-08-05T18:14:48.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}