CVE-2023-46332

CVE-2023-46332 pertains to WebAssembly wabt 1.0.33, with an Out-of-Bound Memory Write in DataSegment::Drop() that leads to a segmentation fault. Affected component is wabt’s WebAssembly tooling; root cause is a memory handling bug in DataSegment::Drop(). Public details across connected docs menti...

CVE-2023-31670

The CVE-2023-31670 entry refers to a vulnerability in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 that can cause a Denial of Service (DoS) when processing a crafted binary. The connected sources confirm the affected components and the DoS impact, including CVSS...

CVE-2023-46331

CVE-2023-46331 affects WebAssembly wabt 1.0.33. The issue is an Out-of-Bound Memory Read in DataSegment::IsValidRange(), which can cause a segmentation fault. The NVD entry documents a CVSSv3.1 base score of 5.5 (Medium) with local attack vector, requiring user interaction, and no confidentiality...

CVE-2025-3122

CVE-2025-3122 affects WebAssembly wabt 1.0.36. The vulnerability targets BinaryReaderInterp::BeginFunctionBody in src/interp/binary-reader-interp.cc, causing a null pointer dereference. Exploitation can be performed remotely with high attack complexity and a revealed public exploit. The available...

CVE-2023-31669

CVE-2023-31669 affects the WebAssembly toolchain wabt, specifically wat2wasm v1.0.32. The issue arises when an attacker places an @ before a quotation mark, triggering a crash in libc++abi.dylib. Public sources (NVD OSV entries and Fedora advisories) confirm the vulnerable release is wabt 1.0.32 ...