CVE-2025-6275

Medium CVSS: 4.8

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. A similar issue reported during the same timeframe was disputed by the code maintainer because it might not affect "real world wasm programs". Therefore, this entry might get disputed as well in the future.

Vendor

Webassembly

Product

Wabt

CWE

CWE-119

Yayın Tarihi

2025-06-19 20:15:24

Güncelleme

2025-07-02 18:34:42

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Wabt MEDIUM Webassembly 2025

Referanslar

https://github.com/WebAssembly/wabt/issues/2614 https://github.com/user-attachments/files/20623626/wabt_crash_5.txt https://vuldb.com/?ctiid.313279 https://vuldb.com/?id.313279 https://vuldb.com/?submit.593017 https://github.com/WebAssembly/wabt/issues/2614

Benzer Kayıtlar

Medium

CVE-2025-15412

A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decom…

Medium

CVE-2025-15411

A weakness has been identified in WebAssembly wabt up to 1.0.39. This vulnerability affects the function wabt::AST::Inse…

Medium

CVE-2025-14956

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReade…

Medium

CVE-2025-14957

A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBu…

Medium

CVE-2025-6274

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the funct…

Medium

CVE-2025-6273

A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the functio…