The Bytecode Alliance: Building a secure, composab...

[pjmlp]

It is a security deficiency, hence why MSIL that contains certain C++ features is tainted as unsafe by the security verifier.

Some other bytecodes like Unisys ClearPath mainframes follow the same approach when using unchecked bounds access.

WebAssembly folks just hand wave it as not an issue.