Focus on wasm3_project vulnerabilities and metrics.
Last updated: 01 Aug 2025, 22:25 UTC
This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with wasm3_project. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.
For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.
Total wasm3_project CVEs: 17
Earliest CVE date: 12 Aug 2021, 02:15 UTC
Latest CVE date: 19 Jun 2025, 18:15 UTC
Latest CVE reference: CVE-2025-6272
30-day Count (Rolling): 0
365-day Count (Rolling): 5
Calendar-based Variation
Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.
Month Variation (Calendar): -100.0%
Year Variation (Calendar): 66.67%
Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 66.67%
Average CVSS: 1.68
Max CVSS: 5.0
Critical CVEs (≥9): 0
| Range | Count |
|---|---|
| 0.0-3.9 | 11 |
| 4.0-6.9 | 6 |
| 7.0-8.9 | 0 |
| 9.0-10.0 | 0 |
These are the five CVEs with the highest CVSS scores for wasm3_project, sorted by severity first and recency.
A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
wasm3 139076a contains a Use-After-Free in ForEachModule.
wasm3 139076a contains memory leaks in Read_utf8.
wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution.
wasm3 139076a is vulnerable to Denial of Service (DoS).
wasm3 v0.5.0 was discovered to contain an out-of-bound memory read which leads to segmentation fault via the function "main" in wasm3/platforms/app/main.c.
wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3_compile.c.
wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c.
wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h.
WASM3 v0.5.0 was discovered to contain a segmentation fault via the component op_Select_i32_srs in wasm3/source/m3_exec.h.
WASM3 v0.5.0 was discovered to contain a segmentation fault via the component Compile_Memory_CopyFill.
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm.
Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c).
Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments).
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements).
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If).
Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule).