Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-39392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the...

7.4CVSS7.2AI score0.00577EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.11 views

CVE-2022-39392

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...

7.4CVSS6.6AI score0.00577EPSS
Exploits0References1
CVE
CVE
added 2022/11/10 12:0 a.m.77 views

CVE-2022-39392

CVE-2022-39392 affects Wasmtime’s pooling instance allocator when InstanceLimits::memory_pages is set to zero. In this configuration, the virtual memory mapping for WebAssembly memories can fail to meet safety requirements, allowing out-of-bounds reads/writes to access memory outside the wasm san...

7.4CVSS6.4AI score0.00577EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/10 12:0 a.m.6 views

CVE-2022-39392 Wasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...

5.9CVSS7.4AI score0.00577EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/11/05 12:0 p.m.4 views

auto-wasi (=0.1.0), candid-extractor (>=0.1.0 <=0.1.2) +99 more potentially affected by CVE-2022-39392 via wasmtime (>=0.10.0 <=12.0.2)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.45.0, =0.1.0, =0.3.0 - inkpad-executor =0.1.0 and more Source cves: CVE-2022-39392 Source advisory: OSV:RUSTSEC-2022-0102...

7.4CVSS7.2AI score0.00577EPSS
Exploits0
Rows per page
Query Builder