CVE-2022-23636
MEDIUM5.9EPSS 0.18%Miscompilation of constant values in division on AArch64
發布日:2022/7/21修改日:2025/10/28
描述
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7f6x-jwh5-m9r4. For more information see the GitHub-hosted security advisory.
受影響套件(5)
- crates.io/cranelift-codegenfrom 0, < 0.85.2
- crates.io/wasmtimefrom 0, < 0.38.2
- crates.io/wasmtime>= 0.34.0, < 0.34.1
- crates.io/wasmtime>= 0.0.0-0, < 0.33.1, >= 0.34.0, < 0.34.1
- crates.io/wasmtime>= 0.0.0-0, < 0.38.2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
參考連結(10)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-23636
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-31169
- PATCHhttps://crates.io/crates/wasmtime
- PATCHhttps://github.com/bytecodealliance/wasmtime
- WEBhttps://github.com/bytecodealliance/wasmtime/commit/2ba4bce5cc719e5a74e571a534424614e62ecc41
- WEBhttps://github.com/bytecodealliance/wasmtime/commit/886ecc562040bef61faf19438c22285c2d62403a
- WEBhttps://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7f6x-jwh5-m9r4
- WEBhttps://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-88xq-w8cq-xfg7
- WEBhttps://rustsec.org/advisories/RUSTSEC-2022-0096.html
- WEBhttps://rustsec.org/advisories/RUSTSEC-2022-0101.html