Bytecode Alliance wasmtime 44.0.0 for Rust
Approved changes feed: RSS · Atom
cpe:2.3:a:bytecodealliance:wasmtime:44.0.0:*:*:*:*:rust:*:*
part: a version: 44.0.0 update: *
| Vendor | Bytecodealliance (52b53bc1-2538-5fbc-966b-62b96fdcbee2) |
|---|---|
| Product | Wasmtime (640b3cbe-ca35-52a7-9505-89b57edb228f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | rust |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/bytecodealliance/wasmtime |
purl2cpe | 2026-06-01 10:17:50.385513 |
pkg:rpm/opensuse/wasmtime |
purl2cpe | 2026-06-01 10:17:50.385514 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-44216 |
vulnerable | 2026-06-08 08:03:18.136003 |
Wasmtime: Panic when allocating a table exceeding the size of the host's address space
Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is allocated. This is possible with the WebAssembly memory64 proposal where tables can have sizes in the 64-bit range as opposed to the previous 32-bit range which would not overflow. The panic happens when attempting to create a very large table, such as when instantiating a WebAssembly module or component. This vulnerability is fixed in 36.0.8, 43.0.2, and 44.0.1.
Published: 2026-05-14T14:54:32.975Z
Updated: 2026-05-15T19:09:21.141Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.