<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 20 Jun 2026 16:26:35 +0000</lastBuildDate>
    <item>
      <title>173aba9e-c757-4523-8478-3ab47fcaee90</title>
      <link>https://vulnerability.circl.lu/sighting/173aba9e-c757-4523-8478-3ab47fcaee90/export</link>
      <description>{"uuid": "173aba9e-c757-4523-8478-3ab47fcaee90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3230", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-39395 valid pay\nURL\uff1ahttps://github.com/harry1osborn/CVE-2022-39395\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-10T05:30:01.000000Z"}</description>
      <content:encoded>{"uuid": "173aba9e-c757-4523-8478-3ab47fcaee90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3230", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-39395 valid pay\nURL\uff1ahttps://github.com/harry1osborn/CVE-2022-39395\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-10T05:30:01.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/173aba9e-c757-4523-8478-3ab47fcaee90/export</guid>
      <pubDate>Thu, 10 Nov 2022 05:30:01 +0000</pubDate>
    </item>
    <item>
      <title>4b93057b-0cf2-4132-9f38-44491a83e619</title>
      <link>https://vulnerability.circl.lu/sighting/4b93057b-0cf2-4132-9f38-44491a83e619/export</link>
      <description>{"uuid": "4b93057b-0cf2-4132-9f38-44491a83e619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3231", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-39395 valid pay\nURL\uff1ahttps://github.com/harry1osborn/CVE-2022-39395\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-10T05:39:03.000000Z"}</description>
      <content:encoded>{"uuid": "4b93057b-0cf2-4132-9f38-44491a83e619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3231", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-39395 valid pay\nURL\uff1ahttps://github.com/harry1osborn/CVE-2022-39395\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-10T05:39:03.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4b93057b-0cf2-4132-9f38-44491a83e619/export</guid>
      <pubDate>Thu, 10 Nov 2022 05:39:03 +0000</pubDate>
    </item>
    <item>
      <title>19b7d2f3-8177-4da5-98fd-1778de60e76d</title>
      <link>https://vulnerability.circl.lu/sighting/19b7d2f3-8177-4da5-98fd-1778de60e76d/export</link>
      <description>{"uuid": "19b7d2f3-8177-4da5-98fd-1778de60e76d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3208", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-39395 valid pay\nURL\uff1ahttps://github.com/harry1osborn/CVE-2022-39395\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-10T05:56:11.000000Z"}</description>
      <content:encoded>{"uuid": "19b7d2f3-8177-4da5-98fd-1778de60e76d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3208", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-39395 valid pay\nURL\uff1ahttps://github.com/harry1osborn/CVE-2022-39395\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-10T05:56:11.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/19b7d2f3-8177-4da5-98fd-1778de60e76d/export</guid>
      <pubDate>Thu, 10 Nov 2022 05:56:11 +0000</pubDate>
    </item>
    <item>
      <title>60a2976b-b1aa-45ed-bd8d-a79b0e32a553</title>
      <link>https://vulnerability.circl.lu/sighting/60a2976b-b1aa-45ed-bd8d-a79b0e32a553/export</link>
      <description>{"uuid": "60a2976b-b1aa-45ed-bd8d-a79b0e32a553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3939", "type": "seen", "source": "https://t.me/cibsecurity/52874", "content": "\u203c CVE-2022-3939 \u203c\n\nA vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by this issue is some unknown functionality of the file apis/public/file.go of the component API. The manipulation of the argument file leads to path traversal. The attack may be launched remotely. VDB-213446 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:25.000000Z"}</description>
      <content:encoded>{"uuid": "60a2976b-b1aa-45ed-bd8d-a79b0e32a553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3939", "type": "seen", "source": "https://t.me/cibsecurity/52874", "content": "\u203c CVE-2022-3939 \u203c\n\nA vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by this issue is some unknown functionality of the file apis/public/file.go of the component API. The manipulation of the argument file leads to path traversal. The attack may be launched remotely. VDB-213446 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:25.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/60a2976b-b1aa-45ed-bd8d-a79b0e32a553/export</guid>
      <pubDate>Sun, 13 Nov 2022 05:39:25 +0000</pubDate>
    </item>
    <item>
      <title>f98fe98a-31e9-4d6f-b15d-6f9633fc9378</title>
      <link>https://vulnerability.circl.lu/sighting/f98fe98a-31e9-4d6f-b15d-6f9633fc9378/export</link>
      <description>{"uuid": "f98fe98a-31e9-4d6f-b15d-6f9633fc9378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "seen", "source": "https://t.me/cibsecurity/52880", "content": "\u203c CVE-2022-39395 \u203c\n\nVela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to Server 0.16.0, Worker 0.16.0, and UI 0.17.0 to fix the issue. After upgrading, Vela administrators will need to explicitly change the default settings to configure Vela as desired. Some of the fixes will interrupt existing workflows and will require Vela administrators to modify default settings. However, not applying the patch (or workarounds) will continue existing risk exposure. Some workarounds are available. Vela administrators can adjust the worker's `VELA_RUNTIME_PRIVILEGED_IMAGES` setting to be explicitly empty, leverage the `VELA_REPO_ALLOWLIST` setting on the server component to restrict access to a list of repositories that are allowed to be enabled, and/or audit enabled repositories and disable pull_requests if they are not needed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:45:10.000000Z"}</description>
      <content:encoded>{"uuid": "f98fe98a-31e9-4d6f-b15d-6f9633fc9378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39395", "type": "seen", "source": "https://t.me/cibsecurity/52880", "content": "\u203c CVE-2022-39395 \u203c\n\nVela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to Server 0.16.0, Worker 0.16.0, and UI 0.17.0 to fix the issue. After upgrading, Vela administrators will need to explicitly change the default settings to configure Vela as desired. Some of the fixes will interrupt existing workflows and will require Vela administrators to modify default settings. However, not applying the patch (or workarounds) will continue existing risk exposure. Some workarounds are available. Vela administrators can adjust the worker's `VELA_RUNTIME_PRIVILEGED_IMAGES` setting to be explicitly empty, leverage the `VELA_REPO_ALLOWLIST` setting on the server component to restrict access to a list of repositories that are allowed to be enabled, and/or audit enabled repositories and disable pull_requests if they are not needed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:45:10.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f98fe98a-31e9-4d6f-b15d-6f9633fc9378/export</guid>
      <pubDate>Sun, 13 Nov 2022 05:45:10 +0000</pubDate>
    </item>
    <item>
      <title>dce8ce80-d8b4-4c8e-b0ac-229af8dfd7b9</title>
      <link>https://vulnerability.circl.lu/sighting/dce8ce80-d8b4-4c8e-b0ac-229af8dfd7b9/export</link>
      <description>{"uuid": "dce8ce80-d8b4-4c8e-b0ac-229af8dfd7b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39392", "type": "seen", "source": "https://t.me/cibsecurity/52892", "content": "\u203c CVE-2022-39392 \u203c\n\nWasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping for WebAssembly memories did not meet the compiler-required configuration requirements for safely executing WebAssembly modules. Wasmtime's default settings require virtual memory page faults to indicate that wasm reads/writes are out-of-bounds, but the pooling allocator's configuration would not create an appropriate virtual memory mapping for this meaning out of bounds reads/writes can successfully read/write memory unrelated to the wasm sandbox within range of the base address of the memory mapping created by the pooling allocator. This bug is not applicable with the default settings of the `wasmtime` crate. This bug can only be triggered by setting `InstanceLimits::memory_pages` to zero. This is expected to be a very rare configuration since this means that wasm modules cannot allocate any pages of linear memory. All wasm modules produced by all current toolchains are highly likely to use linear memory, so it's expected to be unlikely that this configuration is set to zero by any production embedding of Wasmtime. This bug has been patched and users should upgrade to Wasmtime 2.0.2. This bug can be worked around by increasing the `memory_pages` allotment when configuring the pooling allocator to a value greater than zero. 
If an embedding wishes to still prevent memory from actually being used then the `Store::limiter` method can be used to dynamically disallow growth of memory beyond 0 bytes large. Note that the default `memory_pages` value is greater than zero.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:45:22.000000Z"}</description>
      <content:encoded>{"uuid": "dce8ce80-d8b4-4c8e-b0ac-229af8dfd7b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39392", "type": "seen", "source": "https://t.me/cibsecurity/52892", "content": "\u203c CVE-2022-39392 \u203c\n\nWasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping for WebAssembly memories did not meet the compiler-required configuration requirements for safely executing WebAssembly modules. Wasmtime's default settings require virtual memory page faults to indicate that wasm reads/writes are out-of-bounds, but the pooling allocator's configuration would not create an appropriate virtual memory mapping for this meaning out of bounds reads/writes can successfully read/write memory unrelated to the wasm sandbox within range of the base address of the memory mapping created by the pooling allocator. This bug is not applicable with the default settings of the `wasmtime` crate. This bug can only be triggered by setting `InstanceLimits::memory_pages` to zero. This is expected to be a very rare configuration since this means that wasm modules cannot allocate any pages of linear memory. All wasm modules produced by all current toolchains are highly likely to use linear memory, so it's expected to be unlikely that this configuration is set to zero by any production embedding of Wasmtime. This bug has been patched and users should upgrade to Wasmtime 2.0.2. This bug can be worked around by increasing the `memory_pages` allotment when configuring the pooling allocator to a value greater than zero. 
If an embedding wishes to still prevent memory from actually being used then the `Store::limiter` method can be used to dynamically disallow growth of memory beyond 0 bytes large. Note that the default `memory_pages` value is greater than zero.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:45:22.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dce8ce80-d8b4-4c8e-b0ac-229af8dfd7b9/export</guid>
      <pubDate>Sun, 13 Nov 2022 05:45:22 +0000</pubDate>
    </item>
    <item>
      <title>55f4ddc2-db46-43eb-870d-cf4172b5d21d</title>
      <link>https://vulnerability.circl.lu/sighting/55f4ddc2-db46-43eb-870d-cf4172b5d21d/export</link>
      <description>{"uuid": "55f4ddc2-db46-43eb-870d-cf4172b5d21d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39396", "type": "seen", "source": "https://t.me/cibsecurity/52927", "content": "\u203c CVE-2022-39396 (parse-server) \u203c\n\nParse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. This issue is patched in version 5.3.1 and in 4.10.18. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:52:24.000000Z"}</description>
      <content:encoded>{"uuid": "55f4ddc2-db46-43eb-870d-cf4172b5d21d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39396", "type": "seen", "source": "https://t.me/cibsecurity/52927", "content": "\u203c CVE-2022-39396 (parse-server) \u203c\n\nParse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. This issue is patched in version 5.3.1 and in 4.10.18. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:52:24.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/55f4ddc2-db46-43eb-870d-cf4172b5d21d/export</guid>
      <pubDate>Sun, 13 Nov 2022 05:52:24 +0000</pubDate>
    </item>
    <item>
      <title>1e34c004-488b-4054-9b64-87f5c7c761cc</title>
      <link>https://vulnerability.circl.lu/sighting/1e34c004-488b-4054-9b64-87f5c7c761cc/export</link>
      <description>{"uuid": "1e34c004-488b-4054-9b64-87f5c7c761cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39397", "type": "seen", "source": "https://t.me/cibsecurity/53377", "content": "\u203c CVE-2022-39397 \u203c\n\naliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-23T00:13:14.000000Z"}</description>
      <content:encoded>{"uuid": "1e34c004-488b-4054-9b64-87f5c7c761cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39397", "type": "seen", "source": "https://t.me/cibsecurity/53377", "content": "\u203c CVE-2022-39397 \u203c\n\naliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-23T00:13:14.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1e34c004-488b-4054-9b64-87f5c7c761cc/export</guid>
      <pubDate>Wed, 23 Nov 2022 00:13:14 +0000</pubDate>
    </item>
    <item>
      <title>d6a867af-9869-4771-8ee7-48307faa8504</title>
      <link>https://vulnerability.circl.lu/sighting/d6a867af-9869-4771-8ee7-48307faa8504/export</link>
      <description>{"uuid": "d6a867af-9869-4771-8ee7-48307faa8504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39396", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8053", "content": "#exploit\n1. Dissecting redis CVE-2023-28425 with chatGPT as assistant\nhttps://tin-z.github.io/redis/cve/chatgpt/2023/04/02/redis-cve2023.html\n\n2. CVE-2022-2884:\nGitLab v.15.3 - RCE (Authenticated)\nhttps://www.exploit-db.com/exploits/51181\n\n3. CVE-2022-39396:\nAnalysis of parse-server from prototype pollution to RCE vulnerability\nhttps://paper.seebug.org/2059", "creation_timestamp": "2023-04-04T11:01:01.000000Z"}</description>
      <content:encoded>{"uuid": "d6a867af-9869-4771-8ee7-48307faa8504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39396", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8053", "content": "#exploit\n1. Dissecting redis CVE-2023-28425 with chatGPT as assistant\nhttps://tin-z.github.io/redis/cve/chatgpt/2023/04/02/redis-cve2023.html\n\n2. CVE-2022-2884:\nGitLab v.15.3 - RCE (Authenticated)\nhttps://www.exploit-db.com/exploits/51181\n\n3. CVE-2022-39396:\nAnalysis of parse-server from prototype pollution to RCE vulnerability\nhttps://paper.seebug.org/2059", "creation_timestamp": "2023-04-04T11:01:01.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d6a867af-9869-4771-8ee7-48307faa8504/export</guid>
      <pubDate>Tue, 04 Apr 2023 11:01:01 +0000</pubDate>
    </item>
    <item>
      <title>d984600b-ff28-47ae-8d17-86c5ac03a964</title>
      <link>https://vulnerability.circl.lu/sighting/d984600b-ff28-47ae-8d17-86c5ac03a964/export</link>
      <description>{"uuid": "d984600b-ff28-47ae-8d17-86c5ac03a964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39393", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14474", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39393\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance. This bug has been patched and users should upgrade to Wasmtime 2.0.2 and 1.0.2. Other mitigations include disabling the pooling allocator and disabling the `memory-init-cow`.\n\ud83d\udccf Published: 2022-11-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T12:51:28.525Z\n\ud83d\udd17 References:\n1. https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-wh6w-3828-g9qf\n2. https://github.com/bytecodealliance/wasmtime/commit/2614f2e9d2d36805ead8a8da0fa0c6e0d9e428a0", "creation_timestamp": "2025-05-02T13:15:44.000000Z"}</description>
      <content:encoded>{"uuid": "d984600b-ff28-47ae-8d17-86c5ac03a964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39393", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14474", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39393\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator where when a linear memory is reused for another instance the initial heap snapshot of the prior instance can be visible, erroneously to the next instance. This bug has been patched and users should upgrade to Wasmtime 2.0.2 and 1.0.2. Other mitigations include disabling the pooling allocator and disabling the `memory-init-cow`.\n\ud83d\udccf Published: 2022-11-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T12:51:28.525Z\n\ud83d\udd17 References:\n1. https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-wh6w-3828-g9qf\n2. https://github.com/bytecodealliance/wasmtime/commit/2614f2e9d2d36805ead8a8da0fa0c6e0d9e428a0", "creation_timestamp": "2025-05-02T13:15:44.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d984600b-ff28-47ae-8d17-86c5ac03a964/export</guid>
      <pubDate>Fri, 02 May 2025 13:15:44 +0000</pubDate>
    </item>
  </channel>
</rss>
