CVE-2025-2584

Low CVSS: 2.3

A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Vendor

Webassembly

Product

Wabt

CWE

CWE-119

Yayın Tarihi

2025-03-21 08:15:11

Güncelleme

2025-11-25 19:43:01

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Wabt LOW Webassembly 2025

Referanslar

https://github.com/WebAssembly/wabt/issues/2557 https://github.com/WebAssembly/wabt/issues/2557#issue-2900405517 https://vuldb.com/?ctiid.300544 https://vuldb.com/?id.300544 https://vuldb.com/?submit.515406

Benzer Kayıtlar

Medium

CVE-2025-15412

A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decom…

Medium

CVE-2025-15411

A weakness has been identified in WebAssembly wabt up to 1.0.39. This vulnerability affects the function wabt::AST::Inse…

Medium

CVE-2025-14956

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReade…

Medium

CVE-2025-14957

A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBu…

Medium

CVE-2025-6275

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulner…

Medium

CVE-2025-6274

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the funct…