Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
wasm3_project
119023.5%CRITICAL

Related CVEs

19
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-15572A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer at the moment.LOW1.95.3%Feb 10, 2026
CVE-2025-15413A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function op_SetSlot_i32/op_CallIndirect of the file m3_exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used. Unfortunately, the project has no active maintainer at the moment.LOW1.97.2%Jan 1, 2026
CVE-2025-6272A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.LOW1.98.2%Jun 19, 2025
CVE-2024-27530wasm3 139076a contains a Use-After-Free in ForEachModule.HIGH8.412.6%Nov 8, 2024
CVE-2024-27529wasm3 139076a contains memory leaks in Read_utf8.HIGH8.417.9%Nov 8, 2024
CVE-2024-27528wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution.HIGH8.414.9%Nov 8, 2024
CVE-2024-27527wasm3 139076a is vulnerable to Denial of Service (DoS).HIGH7.535.2%Nov 8, 2024
CVE-2024-34246wasm3 v0.5.0 was discovered to contain an out-of-bound memory read which leads to segmentation fault via the function "main" in wasm3/platforms/app/main.c.HIGH7.540.0%May 6, 2024
CVE-2024-34252wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3_compile.c.HIGH7.545.5%May 6, 2024
CVE-2024-34249wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c.CRITICAL9.848.5%May 6, 2024
CVE-2022-44874wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h.MEDIUM5.5Dec 13, 2022
CVE-2022-39974WASM3 v0.5.0 was discovered to contain a segmentation fault via the component op_Select_i32_srs in wasm3/source/m3_exec.h.HIGH7.5Sep 20, 2022
CVE-2022-34529WASM3 v0.5.0 was discovered to contain a segmentation fault via the component Compile_Memory_CopyFill.MEDIUM5.5Jul 27, 2022
CVE-2022-28990WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm.HIGH7.8May 20, 2022
CVE-2022-28966Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c).MEDIUM5.5Apr 16, 2022
CVE-2021-45947Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments).MEDIUM5.5Jan 1, 2022
CVE-2021-45946Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements).MEDIUM5.5Jan 1, 2022
CVE-2021-45929Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If).MEDIUM5.5Jan 1, 2022
CVE-2021-38592Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule).HIGH7.5Aug 12, 2021