CVE-2021-38592
HIGHwasm3 0.5.0 - Heap-Based Buffer Overflow in op_Const64
Title source: llmDescription
Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule).
References (2)
Core 2
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33554
Third Party Advisory x_refsource_misc
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wasm3/OSV-2021-676.yaml
Scores
CVSS v3
7.5
EPSS
0.0129
EPSS Percentile
66.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-787
Status
published
Products (1)
wasm3_project/wasm3
0.5.0
Published
Aug 12, 2021
Tracked Since
Feb 18, 2026