Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 9:54 p.m.10 views

CVE-2022-24791

Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. There is a use after free vulnerability in Wasmtime when both running Wasm that uses externrefs and enabling epoch interruption in Wasmtime. If you are not explicitly enabling epoch interruption it is disabled by default...

9.8CVSS7AI score0.01137EPSS
Exploits0References1
CVE
CVE
added 2022/03/31 11:0 p.m.122 views

CVE-2022-24791

The CVE refers to Wasmtime (WebAssembly JIT runtime using Cranelift) with a use-after-free vulnerability that occurs when running Wasm code using externrefs while epoch interruption is enabled. The issue is caused by Cranelift failing to emit stack maps for safepoints inside cold blocks, which re...

9.8CVSS9.1AI score0.01137EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2022/03/28 12:0 p.m.7 views

wasmtime-cli (>=0.35.0 <=0.35.1) potentially affected by CVE-2022-24791 via wasmtime (>=0.35.0 <=0.35.1)

wasmtime CARGO version =0.35.0, =0.35.0, =0.35.1 Source cves: CVE-2022-24791 Source advisory: OSV:RUSTSEC-2022-0099...

9.8CVSS7.2AI score0.01137EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/03/28 12:0 p.m.4 views

auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +47 more potentially affected by CVE-2022-24791 via wasmtime (>=0.10.0 <=0.34.1)

wasmtime CARGO version =0.10.0, =0.1.0, =0.0.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.1.0, =0.3.3, =0.1.0, =0.8.0, =0.8.0, =0.9.0 and more Source cves: CVE-2022-24791 Source advisory: OSV:RUSTSEC-2022-0099...

9.8CVSS7.2AI score0.01137EPSS
Exploits0
Rows per page
Query Builder