CVE-2023-52284

Published December 31st, 2023

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled.

bytecodealliance/wasm-micro-runtime

WebAssembly Micro Runtime (WAMR)

GitHub

5.96K