CVE-2024-34250

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-34250
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34250.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-34250
Published
2024-05-06T16:15:14.033Z
Modified
2026-03-14T12:33:42.896720Z
Severity
  • 6.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c.

References

Affected packages

Git / github.com/bytecodealliance/wasm-micro-runtime

Affected ranges

Type
GIT
Repo
https://github.com/bytecodealliance/wasm-micro-runtime
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7bdea3c2ae1f23683299c008bd5093ccaeb5f7b1
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0"
        }
    ]
}

Affected versions

Other
01-12-2020
WAMR-01-18-2022
WAMR-01-29-2021
WAMR-02-18-2020
WAMR-02-27-2020
WAMR-03-05-2020
WAMR-03-19-2020
WAMR-03-25-2021
WAMR-03-30-2020
WAMR-04-15-2020
WAMR-04-15-2021
WAMR-05-18-2022
WAMR-06-15-2020
WAMR-07-10-2020
WAMR-08-10-2021
WAMR-09-08-2020
WAMR-09-29-2020
WAMR-12-30-2021
tag-11-28-2019
WAMR-1.*
WAMR-1.0.0
WAMR-1.1.0
WAMR-1.1.1
WAMR-1.1.2
WAMR-1.2.0
WAMR-1.2.1
WAMR-1.2.2
WAMR-1.2.3
WAMR-1.3.0
WAMR-1.3.1
WAMR-1.3.2
WAMR-2.*
WAMR-2.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34250.json"