Wasmtime 代码问题漏洞

漏洞信息详情

Wasmtime是一个字节码联盟项目，它是一个独立的仅用于 WebAssembly 和 WASI 的 wasm 优化运行时。

Wasmtime 存在代码问题漏洞，该漏洞源于 0.30.0 版本之前的 Wasmtime 受类型混淆漏洞影响。

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q879-9g95-56mx

来源:MISC

链接:https://github.com/bytecodealliance/wasmtime/commit/b39f087414f27ae40c44449ed5d1154e03449bff

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/Z2Z33FTXFQ6EOINVEQIP4DFBG53G5XIY/

来源:MISC

链接:https://crates.io/crates/wasmtime

来源:CONFIRM

链接:https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q879-9g95-56mx

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/WAVBRYDDUIY2ZR3K3FO4BVYJKIMJ5TP7/

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2021-39219

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Wasmtime-three-vulnerabilities-36563

暂无