CVE-2022-39394
LOW3.8EPSS 0.12%Out of bounds write in `wasmtime_trap_code` C API function
Published: 2/1/2024Modified: 5/2/2025
Description
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-h84q-m8rr-3v9q. For more information see the GitHub-hosted security advisory.
Affected packages (2)
- crates.io/wasmtime>= 2.0.0, < 2.0.2
- crates.io/wasmtime>= 0.0.0-0, < 1.0.2, >= 2.0.0, < 2.0.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | LOW3.8 | CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
References (8)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-39394
- PATCHhttps://crates.io/crates/wasmtime
- PATCHhttps://github.com/bytecodealliance/wasmtime
- WEBhttps://github.com/bytecodealliance/wasmtime/commit/087d9d7becf7422b3f872a3bcd5d97bb7ce7ff36
- WEBhttps://github.com/bytecodealliance/wasmtime/commit/5b6d5e78de106503b3b9add218bb3d2b1d63c493
- WEBhttps://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-h84q-m8rr-3v9q
- WEBhttps://groups.google.com/a/bytecodealliance.org/g/sec-announce/c/c1HBDDJwNPA
- WEBhttps://rustsec.org/advisories/RUSTSEC-2022-0097.html