VYPR
Low severityNVD Advisory· Published Apr 4, 2024· Updated Aug 2, 2024

Wasmtime vulnerable to panic when using a dropped extenref-typed element segment

CVE-2024-30266

Description

wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host runtime. A valid WebAssembly module, when executed at runtime, may cause this panic. This vulnerability has been patched in version 19.0.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
wasmtimecrates.io
>= 19.0.0, < 19.0.119.0.1

Affected products

4

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.