Lucene search
K
WebassemblyWabt

11 matches found

CVE
CVE
added 2025/03/17 8:0 a.m.82 views

CVE-2025-2368

The CVE-2025-2368 entry concerns WebAssembly wabt 1.0.36. The vulnerability occurs in wabt/src/interp/binary-reader-interp.cc, in the BinaryReaderInterp::OnExport function, within the Malformed File Handler component, causing a heap-based buffer overflow. The issue is described as remotely exploi...

8.8CVSS7.1AI score0.00529EPSS
CVE
CVE
added 2023/03/10 12:0 a.m.71 views

CVE-2023-27119

CVE-2023-27119 : WebAssembly v1.0.29 contains a segmentation fault via the component wabt::Decompiler::WrapChild. Affects the WebAssembly toolchain; vulnerable code path can be triggered locally with user interaction, with availability impact listed as HIGH. No remediation or patch details are pr...

5.5CVSS5.5AI score0.00278EPSS
CVE
CVE
added 2022/10/28 12:0 a.m.68 views

CVE-2022-43282

CVE-2022-43282 affects wasm-interp v1.0.29. The issue is an out-of-bounds read in OnReturnCallIndirectExpr->GetReturnCallDropKeepCount. Impact is high as per CVSS metrics (local access, user interaction required). PT-Security notes the issue and provides a workaround: restrict access to the On...

7.1CVSS6.8AI score0.00304EPSS
CVE
CVE
added 2025/03/21 7:31 a.m.63 views

CVE-2025-2584

CVE-2025-2584 affects WebAssembly wabt 1.0.36. The vulnerability targets BinaryReaderInterp::GetReturnCallDropKeepCount in wabt/src/interp/binary-reader-interp.cc, enabling a heap-based buffer overflow. It can be triggered remotely; exploitation is deemed high complexity, and user interaction is ...

6.8CVSS5.2AI score0.0047EPSS
CVE
CVE
added 2022/10/28 12:0 a.m.56 views

CVE-2022-43283

CVE-2022-43283 affects wasm2c v1.0.29, where an abort occurs in CWriter::Write. The root cause is an internal abort in that function, with CVSSv3.1 base score 5.5 (Medium): Local attack vector, no privileges required, user interaction needed, and availability impact is High. Publicly provided det...

5.5CVSS5.4AI score0.0027EPSS
CVE
CVE
added 2022/10/28 12:0 a.m.51 views

CVE-2022-43280

CVE-2022-43280 affects wasm-interp v1.0.29 and is due to an out-of-bounds read in OnReturnCallExpr->GetReturnCallDropKeepCount. Impact per sources is HIGH (confidentiality and availability), with local attack vector and user interaction required. Public details across connected documents confi...

7.1CVSS6.8AI score0.00304EPSS
CVE
CVE
added 2025/06/19 7:0 p.m.30 views

CVE-2025-6274

CVE-2025-6274 affects WebAssembly wabt up to 1.0.37, specifically OnDataCount in src/interp/binary-reader-interp.cc. The issue is caused by input manipulation that leads to resource consumption, enabling a local attacker to trigger denial-of-service behavior. The exploit has been disclosed public...

4.8CVSS7.3AI score0.00184EPSS
CVE
CVE
added 2026/01/01 7:32 p.m.29 views

CVE-2025-15411

CVE-2025-15411 affects WebAssembly wabt

7.8CVSS6AI score0.00179EPSS
CVE
CVE
added 2025/06/19 7:31 p.m.28 views

CVE-2025-6275

CVE-2025-6275 concerns WebAssembly wabt up to 1.0.37. The vulnerability affects the function GetFuncOffset in src/interp/binary-reader-interp.cc, where manipulation can lead to a use-after-free. It permits a local attack, with at least one public disclosure of an exploit. Connected sources consis...

4.8CVSS4.2AI score0.00194EPSS
CVE
CVE
added 2026/01/01 8:32 p.m.25 views

CVE-2025-15412

CVE-2025-15412 affects WebAssembly wabt up to 1.0.39, specifically the function wabt::Decompiler::VarName in /src/repro/wabt/bin/wasm-decompile of the wasm-decompile component. The issue enables an out-of-bounds read and requires local access to exploit. The exploit has been disclosed publicly, a...

7.8CVSS6.3AI score0.00179EPSS
CVE
CVE
added 2025/06/19 6:31 p.m.23 views

CVE-2025-6273

The CVE-2025-6273 entry concerns WebAssembly wabt up to 1.0.37. It affects the LogOpcode function in src/binary-reader-objdump.cc, where input manipulation can trigger a reachable assertion. Local access is required, and the exploit has been disclosed publicly; the code maintainer notes the issue...

4.8CVSS4.2AI score0.00189EPSS