Unrated severityNVD Advisory· Published Mar 17, 2025· Updated Mar 17, 2025

WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow

CVE-2025-2368

Description

A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Affected products

Webassembly/Wabtv5
Range: 1.0.36

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/WebAssembly/wabt/pull/2541mitreissue-trackingpatch
github.com/WebAssembly/wabt/issues/2556mitreexploitissue-tracking
vuldb.commitrethird-party-advisory
github.com/WebAssembly/wabt/issues/2537mitreissue-tracking
github.com/WebAssembly/wabt/issues/2556mitreissue-tracking
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000