wasm3_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk memory corruption and バッファオーバーフロー に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact memory corruption and アプリケーションクラッシュ などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-15572 | A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer at the moment. | [email protected] | 1.9 | 0.01% | 2026-02-10 | 2026-04-29 |
| CVE-2025-15413 | A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function op_SetSlot_i32/op_CallIndirect of the file m3_exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used. Unfortunately, the project has no active maintainer at the moment. | [email protected] | 1.9 | 0.01% | 2026-01-01 | 2026-04-29 |
| CVE-2025-6272 | A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | [email protected] | 1.9 | 0.06% | 2025-06-19 | 2026-04-29 |
| CVE-2024-27530 | wasm3 139076a contains a Use-After-Free in ForEachModule. | [email protected] | 8.4 | 0.12% | 2024-11-08 | 2025-06-24 |
| CVE-2024-27529 | wasm3 139076a contains memory leaks in Read_utf8. | [email protected] | 8.4 | 0.18% | 2024-11-08 | 2025-06-24 |
| CVE-2024-27528 | wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution. | [email protected] | 8.4 | 0.13% | 2024-11-08 | 2025-06-24 |
| CVE-2024-27527 | wasm3 139076a is vulnerable to Denial of Service (DoS). | [email protected] | 7.5 | 0.26% | 2024-11-08 | 2025-06-24 |
| CVE-2024-34246 | wasm3 v0.5.0 was discovered to contain an out-of-bound memory read which leads to segmentation fault via the function "main" in wasm3/platforms/app/main.c. | [email protected] | 7.5 | 0.55% | 2024-05-06 | 2025-04-16 |
| CVE-2024-34252 | wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3_compile.c. | [email protected] | 7.5 | 0.48% | 2024-05-06 | 2025-04-16 |
| CVE-2024-34249 | wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c. | [email protected] | 9.8 | 1.07% | 2024-05-06 | 2025-04-16 |
| CVE-2022-44874 | wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h. | [email protected] | 5.5 | 0.13% | 2022-12-13 | 2025-04-22 |
| CVE-2022-39974 | WASM3 v0.5.0 was discovered to contain a segmentation fault via the component op_Select_i32_srs in wasm3/source/m3_exec.h. | [email protected] | 7.5 | 0.29% | 2022-09-20 | 2025-05-28 |
| CVE-2022-34529 | WASM3 v0.5.0 was discovered to contain a segmentation fault via the component Compile_Memory_CopyFill. | [email protected] | 5.5 | 0.02% | 2022-07-27 | 2024-11-21 |
| CVE-2022-28990 | WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm. | [email protected] | 7.8 | 0.11% | 2022-05-20 | 2024-11-21 |
| CVE-2022-28966 | Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c). | [email protected] | 5.5 | 0.14% | 2022-04-16 | 2024-11-21 |
| CVE-2021-45947 | Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments). | [email protected] | 5.5 | 0.05% | 2022-01-01 | 2024-11-21 |
| CVE-2021-45946 | Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements). | [email protected] | 5.5 | 0.05% | 2022-01-01 | 2024-11-21 |
| CVE-2021-45929 | Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If). | [email protected] | 5.5 | 0.05% | 2022-01-01 | 2024-11-21 |
| CVE-2021-38592 | Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule). | [email protected] | 7.5 | 0.30% | 2021-08-12 | 2024-11-21 |