PT-2026-22507 · Wren · Wren
Oneafter
·
Publicado
2026-03-01
·
Atualizado
2026-03-10
·
CVE-2026-3385
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
wren-lang wren versions up to 0.4.0
Description
A flaw exists in the
resolveLocal function within the src/vm/wren compiler.c file. This issue leads to uncontrolled recursion. Local access is required for exploitation. The details of the issue have been publicly disclosed.Recommendations
Versions prior to 0.4.0 should be updated. As a temporary workaround, consider restricting the use of the
resolveLocal function until a patch is available.Exploit
Correção
Uncontrolled Recursion
Improper Resource Release
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Wren