2 matches found
hotg-rune-runtime (>=0.11.0 <=0.11.3), hotg-rune-wasm3-runtime (>=0.6.0 <=0.10.0) +7 more potentially affected by CVE-2022-39974 via wasm3 (>=0.1.3 <=0.3.1)
wasm3 CARGO version =0.1.3, =0.11.0, =0.6.0, =0.7.0, =0.4.0, =0.2.0, =0.0.1, =0.16.0, =0.15.0, =0.19.0 Source cves: CVE-2022-39974 Source advisory: OSV:GHSA-CRF8-H2WQ-2H9X...
CVE-2022-39974
CVE-2022-39974 affects WASM3 v0.5.0. The root cause is a segmentation fault in the op_Select_i32_srs path of wasm3/source/m3_exec.h, potentially causing availability impact. Exploitation is indicated as possible via a proof-of-concept (per references noting a poc), with the CVSSv3.1 profile showi...