CVE-2023-48105

An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasm_loader_prepare_bytecode function in core/iwasm/interpreter/wasm_loader.c.
Configurations

Configuration 1 (hide)

cpe:2.3:a:bytecodealliance:webassembly_micro_runtime:1.2.3:*:*:*:*:*:*:*

History

30 Nov 2023, 20:33

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-787
CPE cpe:2.3:a:bytecodealliance:webassembly_micro_runtime:1.2.3:*:*:*:*:*:*:*
First Time Bytecodealliance
Bytecodealliance webassembly Micro Runtime
References () http://bytecode.com - () http://bytecode.com - Not Applicable
References () https://github.com/bytecodealliance/wasm-micro-runtime/issues/2726 - () https://github.com/bytecodealliance/wasm-micro-runtime/issues/2726 - Exploit, Issue Tracking, Patch
References () http://wasm-micro-runtime.com - () http://wasm-micro-runtime.com - Broken Link
References () https://github.com/bytecodealliance/wasm-micro-runtime/pull/2734/commits/4785d91b16dd49c09a96835de2d9c7b077543fa4 - () https://github.com/bytecodealliance/wasm-micro-runtime/pull/2734/commits/4785d91b16dd49c09a96835de2d9c7b077543fa4 - Patch

22 Nov 2023, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-22 23:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-48105

Mitre link : CVE-2023-48105

CVE.ORG link : CVE-2023-48105


JSON object : View

Products Affected

bytecodealliance

  • webassembly_micro_runtime
CWE
CWE-787

Out-of-bounds Write