How severe is GHSA-fm79-3f68-h2fc?

GHSA-fm79-3f68-h2fc has a CVSS score of 3.5/10, rated LOW. Review your exposure and patch according to your risk tolerance.

Which packages are affected by GHSA-fm79-3f68-h2fc?

GHSA-fm79-3f68-h2fc affects the following packages: wasmtime-wasi (crates.io), wasmtime-wasi (crates.io), wasmtime-wasi (crates.io), wasmtime (crates.io), wasmtime (crates.io), wasmtime (crates.io). Ecosystems affected: crates.io.

How do I fix GHSA-fm79-3f68-h2fc?

Update wasmtime-wasi to 24.0.4 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-fm79-3f68-h2fc is resolved across your whole dependency graph.

How do I detect GHSA-fm79-3f68-h2fc in my crates.io dependencies?

Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for wasmtime-wasi. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.

How do I mitigate GHSA-fm79-3f68-h2fc if there is no patch (or I can't update yet)?

If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.

How does O3 Security protect against GHSA-fm79-3f68-h2fc?

O3 pinpoints whether GHSA-fm79-3f68-h2fc is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.

Is GHSA-fm79-3f68-h2fc actively exploited in the wild?

No public exploit code has been indexed for GHSA-fm79-3f68-h2fc yet. This does not mean the vulnerability cannot be exploited — absence of public exploits does not imply safety. Apply the recommended fix and use O3 Security to monitor your exposure.

What is the EPSS score for GHSA-fm79-3f68-h2fc?

GHSA-fm79-3f68-h2fc has an EPSS (Exploit Prediction Scoring System) score of 0.3%, placing it in the 21th percentile of all CVEs. EPSS is maintained by FIRST.org and estimates the probability that a vulnerability will be exploited in the wild within the next 30 days. This score indicates relatively lower exploitation probability, though the CVSS severity should still guide your patching priority.

What type of vulnerability is GHSA-fm79-3f68-h2fc?

GHSA-fm79-3f68-h2fc is classified as CWE-672 (CWE-672). This weakness type describe the underlying flaw category, which helps determine the potential impact and the right class of mitigation.

When was GHSA-fm79-3f68-h2fc published, and has it been updated?

GHSA-fm79-3f68-h2fc was published on July 18, 2025 and was last updated on February 4, 2026. Advisory data evolves as severity scores, affected ranges, and exploit intelligence are revised — always check the latest version of the advisory before acting.

🦀 crates.io

GHSA-fm79-3f68-h2fc

LOW

Wasmtime CLI is vulnerable to host panic through its fd_renumber function

Also known asCVE-2025-53901RUSTSEC-2025-0046

Published

Jul 18, 2025

Updated

Feb 4, 2026

Affected

6 pkgs

Patched

6 / 6

Exploits

None indexed

EPSS Exploitation Probability

via FIRST.org ↗

0.3%probability of exploitation in next 30 days

Lower Risk21th percentile-0.08%

EPSS (Exploit Prediction Scoring System) is a daily probability model maintained by FIRST.org. It estimates the likelihood a CVE will be exploited in production environments within the next 30 days, derived from real-world threat intelligence signals.

Blast Radius

6 pkgs affected

🦀wasmtime-wasi🦀wasmtime-wasi🦀wasmtime-wasi🦀wasmtime🦀wasmtime🦀wasmtime

Real-time download stats are indexed for npm and PyPI packages. This vulnerability affects crates.io packages — download data is not available via public APIs for these ecosystems.

Description

Summary

A bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host (embedder). The specific bug is triggered by calling path_open after calling fd_renumber with either:

two equal argument values
second argument being equal to a previously-closed file descriptor number value

The corrupt state introduced in fd_renumber will lead to the subsequent opening of a file descriptor to panic. This panic cannot introduce memory unsafety or allow WebAssembly to break outside of its sandbox, however. There is no possible heap corruption or memory unsafety from this panic.

This bug is in the implementation of Wasmtime's wasmtime-wasi crate which provides an implementation of WASIp1. The bug requires a specially crafted call to fd_renumber in addition to the ability to open a subsequent file descriptor. Opening a second file descriptor is only possible when a preopened directory was provided to the guest, and this is common amongst embeddings. A panic in the host is considered a denial-of-service vector for WebAssembly embedders and is thus a security issue in Wasmtime.

This bug does not affect WASIp2 and embedders using components.

Patches

In accordance with Wasmtime's release process patch releases are available as 24.0.4, 33.0.2, and 34.0.2. Users of other release of Wasmtime are recommended to move to a supported release of Wasmtime.

Workarounds

Embedders who are using components or are not providing guest access to create more file descriptors (e.g. via a preopened filesystem directory) are not affected by this issue. Otherwise there is no workaround at this time and affected embeddings are recommended to update to a patched version which will not cause a panic in the host.

Affected Packages

6 total 6 fixed

Ecosystem	Package	Vulnerable range	Fix
🦀crates.io	`wasmtime-wasi`	all versions	24.0.4
🦀crates.io	`wasmtime-wasi`	≥ 25.0.0&&< 33.0.2	33.0.2
🦀crates.io	`wasmtime-wasi`	≥ 34.0.0&&< 34.0.2	34.0.2
🦀crates.io	`wasmtime`	≥ 10.0.0&&< 24.0.4	24.0.4
🦀crates.io	`wasmtime`	≥ 33.0.0&&< 33.0.2	33.0.2
🦀crates.io	`wasmtime`	≥ 34.0.0&&< 34.0.2	34.0.2

Detection & mitigation playbook

Open-source dependency

Detect
Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for wasmtime-wasi. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.
Fix
Update wasmtime-wasi to 24.0.4 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-fm79-3f68-h2fc is resolved across your whole dependency graph.
Workarounds
If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.
How O3 protects you
O3 pinpoints whether GHSA-fm79-3f68-h2fc is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.

Tailored to GHSA-fm79-3f68-h2fc. Runtime protection reduces exposure until a permanent patch is applied and verified — it complements patching, it doesn't replace it.

Frequently Asked Questions

### Summary A bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host (embedder). The specific bug is triggered by calling `path_open` after calling `fd_renumber` with either: - two equal argument values - second argument being equal to a previously-closed file descriptor number value The corrupt state introduced in `fd_renumber` will lead to the subsequent opening of a file descriptor to panic. This panic cannot introduce memory unsafety or allow WebAssembly to break outside of its sandbox, however. There is no poss

O3 Security · Impact-Aware SCA

Is GHSA-fm79-3f68-h2fc in your dependencies?

O3 detects GHSA-fm79-3f68-h2fc across crates.io dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.

Scan my dependencies How O3 SCA works

CVSS Score

3.5/10

CVSS v3 base score

Vector breakdown

AV:Attack Vector

Network

AC:Attack Complexity

Low

PR:Privileges Required

Low

UI:User Interaction

Required

S:Scope

Unchanged

C:Confidentiality

None

I:Integrity

None

A:Availability

Low

Raw vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

CWE Classification

CWE-672CWE-672

Weaponization

No known public exploit tooling found.

OpenSSF Scorecard

Package health score

WASI

4.9/10

Code-Review8/10

Maintained10/10

Branch-Protection1/10

Assessed Jun 22, 2026

Timeline

Disclosed

Jul 18, 2025

Last updated

Feb 4, 2026

Identifiers

GHSA-fm79-3f68-h2fc

RUSTSEC-2025-0046

References

Advisorynvd.nist.gov Webgithub.com Webgithub.com Webgithub.com Webgithub.com Webgithub.com Webdocs.wasmtime.dev Webdocs.wasmtime.dev Webgithub.com Webgithub.com Webrustsec.org Packagegithub.com

Data from OSV.dev, enriched by O3 Security. Refreshed hourly.

GHSA-fm79-3f68-h2fc

EPSS Exploitation Probability

Blast Radius

Description

Summary

Patches

Workarounds

Affected Packages

Detection & mitigation playbook

Detect

Fix

Workarounds

How O3 protects you

Frequently Asked Questions

Is GHSA-fm79-3f68-h2fc in your dependencies?