Segmentation Fault in Wasm3 Executable Component Discovered By Vendor
CVE-2022-44874

5.5MEDIUM

Key Information:

Vendor: Wasm3 Project
Status: Wasm3
Vendor: CVE Published:; 13 December 2022

🔔 Create Wasm3 Project Vulnerability Alert

What is CVE-2022-44874?

A segmentation fault was identified in the Wasm3 executable component, specifically within the op_CallIndirect function defined in /m3_exec.h. This vulnerability can lead to unexpected behavior and potential disruptions in applications utilizing the Wasm3 interpreter, necessitating prompt attention to secure coding practices and patching among users.

References

https://github.com/wasm3/wasm3/issues/380

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2022
Vulnerability Reserved
Nov 7, 2022

JSON