CVE-2024-27529: wasm3 uncontrolled memory allocation vulnerability

November 9, 2024 (updated November 18, 2024)

wasm3 at commit 139076a contains a memory leak in the Read_utf8 function.

References

gist.github.com/haruki3hhh/ac70bd83b9c0ed1de6289d818488da78
github.com/advisories/GHSA-fmq6-4w57-2w3v
github.com/wasm3/wasm3/commit/526c1251b64e6e9fdc0d40c768ae46cd20338594
github.com/wasm3/wasm3/issues/462
github.com/wasm3/wasm3/pull/490
nvd.nist.gov/vuln/detail/CVE-2024-27529

Detect and mitigate CVE-2024-27529 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →