CVE-2022-28990
HIGH7.8EPSS 0.05%Buffer overflow in wasm3
Published: 5/21/2022Modified: 11/25/2024
Description
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm.
Affected packages (2)
- PyPI/pywasm3from 0, <= 0.5.0
- PyPI/pywasm3from 0, <= 0.5.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-28990
- PATCHhttps://github.com/wasm3/wasm3
- WEBhttps://github.com/pypa/advisory-database/tree/main/vulns/pywasm3/PYSEC-2022-43154.yaml
- WEBhttps://github.com/wasm3/wasm3/commit/8441c82c4a98f554b12971450220b580c3c2b6df
- WEBhttps://github.com/wasm3/wasm3/issues/323
- WEBhttps://github.com/wasm3/wasm3/pull/324