CVE-2022-39974

Description

WASM3 v0.5.0 was discovered to contain a segmentation fault via the component `op_Select_i32_srs` in `wasm3/source/m3_exec.h`.

How to fix CVE-2022-39974

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• crates.io/wasm3—no fix listed
• PyPI/pywasm3—no fix listed
• —no fix listed

Is CVE-2022-39974 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (3)

• from 0, <= 0.5.0
• from 0, <= 0.5.0
• from 0

CVSS scores

References (6)

• ADVISORYgithub.com/advisories/GHSA-crf8-h2wq-2h9x
• ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-39974
• PATCHgithub.com/wasm3/wasm3
• WEBgithub.com/pypa/advisory-database/tree/main/vulns/pywasm3/PYSEC-2022-43058.yaml
• WEB