Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-31146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be...

8.8CVSS7.8AI score0.00856EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/07/20 10:47 p.m.4 views

deterministic-wasi-ctx (=0.1.3), enarx (>=0.5.0 <=0.5.1) +8 more potentially affected by CVE-2022-31146 via wasmtime (=0.37.0)

wasmtime CARGO version =0.37.0 is affected by a known vulnerability. The following packages have a transitive dependency on wasmtime and may be impacted: - deterministic-wasi-ctx =0.1.3 - enarx =0.5.0, =0.5.1 - enarx-exec-wasmtime =0.5.1 - wasi-tokio =0.37.0 - wasmtime-cli-flags =0.37.0 -...

8.8CVSS7.2AI score0.00856EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/07/20 10:47 p.m.9 views

cranelift (=0.84.0), cranelift-frontend (=0.84.0) +18 more potentially affected by CVE-2022-31146 via cranelift-codegen (=0.84.0)

cranelift-codegen CARGO version =0.84.0 is affected by a known vulnerability. The following packages have a transitive dependency on cranelift-codegen and may be impacted: - cranelift =0.84.0 - cranelift-frontend =0.84.0 - cranelift-interpreter =0.84.0 - cranelift-jit =0.84.0 - cranelift-module...

8.8CVSS7.2AI score0.00856EPSS
Exploits0
CVE
CVE
added 2022/07/20 10:30 p.m.81 views

CVE-2022-31146

CVE-2022-31146 affects Wasmtime (Cranelift) in the migration to the regalloc2 allocator (Wasmtime 0.37.0). The bug may cause metadata for reference-typed functions to be missing during GC, making the GC pass think there are no live references, leading to use-after-free when values are later acces...

8.8CVSS7.5AI score0.00856EPSS
Exploits0References3Affected Software2
Debian CVE
Debian CVE
added 2022/07/20 10:30 p.m.5 views

CVE-2022-31146

Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will...

8.8CVSS8.7AI score0.00856EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/07/12 12:0 p.m.4 views

auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +79 more potentially affected by CVE-2022-31146 via wasmtime (>=0.10.0 <=0.37.0)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.1.0, =0.1.7 - lunatic-common-api =0.9.0 and more Source cves: CVE-2022-31146 Source advisory: OSV:RUSTSEC-2022-0100...

8.8CVSS7.6AI score0.00856EPSS
Exploits0
Rows per page
Query Builder