Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:14 a.m.8 views

CVE-2022-23636

Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a...

8.1CVSS6.5AI score0.00772EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/07/21 10:34 p.m.4 views

abstraps (=0.1.8), aivm (>=0.2.0 <=0.3.0) +286 more potentially affected by CVE-2022-23636 +1 more via cranelift-codegen (>=0.14.0 <=0.84.0)

cranelift-codegen CARGO version =0.14.0, =0.2.0, =0.1.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.2.9, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.26.1, =0.30.1 and more Source cves: CVE-2022-23636, CVE-2022-31169 Source advisory: OSV:GHSA-7F6X-JWH5-M9R4...

8.1CVSS7AI score0.00772EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/07/21 10:34 p.m.3 views

auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +79 more potentially affected by CVE-2022-23636 +1 more via wasmtime (>=0.10.0 <=0.37.0)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.1.0, =0.1.7 - lunatic-common-api =0.9.0 and more Source cves: CVE-2022-23636, CVE-2022-31169 Source advisory: OSV:GHSA-7F6X-JWH5-M9R4...

8.1CVSS7.2AI score0.00772EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/17 12:0 p.m.2 views

auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +43 more potentially affected by CVE-2022-23636 +1 more via wasmtime (>=0.10.0 <=0.33.0)

wasmtime CARGO version =0.10.0, =0.1.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.3.3, =0.1.0, =0.8.0, =0.8.0, =0.9.0 - tc-executor-wasmtime =0.8.0 and more Source cves: CVE-2022-23636, CVE-2022-31169 Source advisory: OSV:RUSTSEC-2022-0096...

8.1CVSS7AI score0.00772EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/16 10:35 p.m.3 views

auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +43 more potentially affected by CVE-2022-23636 +1 more via wasmtime (>=0.10.0 <=0.33.0)

wasmtime CARGO version =0.10.0, =0.1.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.3.3, =0.1.0, =0.8.0, =0.8.0, =0.9.0 - tc-executor-wasmtime =0.8.0 and more Source cves: CVE-2022-23636, CVE-2022-31169 Source advisory: OSV:GHSA-88XQ-W8CQ-XFG7...

8.1CVSS7AI score0.00772EPSS
Exploits1
CVE
CVE
added 2022/02/16 10:0 p.m.94 views

CVE-2022-23636

CVE-2022-23636 affects Wasmtime prior to 0.34.1 and 0.33.1, due to a bug in the pooling instance allocator that can cause an invalid drop of a VMExternRef when a module defines an externref global and instance creation fails. The vulnerability depends on specific conditions (e.g., mprotect/Virtua...

8.1CVSS6.5AI score0.00772EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/02/16 10:0 p.m.62 views

CVE-2022-23636 Invalid drop of partially-initialized instances in wasmtime

Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a...

5.1CVSS8.2AI score0.00772EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2022/02/16 10:0 p.m.22 views

CVE-2022-23636

Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a...

8.1CVSS7.9AI score0.00772EPSS
Exploits1
Rows per page
Query Builder