VYPR

Wabt

by Webassembly

Source repositories

CVEs (18)

  • CVE-2025-15412MedJan 1, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is…

  • CVE-2025-15411MedJan 1, 2026
    risk 0.34cvss 5.3epss 0.00

    A weakness has been identified in WebAssembly wabt up to 1.0.39. This vulnerability affects the function wabt::AST::InsertNode of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. This manipulation causes memory corruption. It is possible to launch the…

  • CVE-2025-6275LowJun 19, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the…

  • CVE-2025-6274LowJun 19, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the function OnDataCount of the file src/interp/binary-reader-interp.cc. The manipulation leads to resource consumption. Attacking locally is a requirement. The exploit…

  • CVE-2025-6273LowJun 19, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to reachable assertion. Local access is required to approach this attack. The…

  • CVE-2025-3122Apr 2, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can…

  • CVE-2025-2584Mar 21, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer…

  • CVE-2025-2368Mar 17, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The…

  • CVE-2023-46331Oct 23, 2023
    risk 0.00cvss epss 0.00

    WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in DataSegment::IsValidRange(), which lead to segmentation fault.

  • CVE-2023-46332Oct 23, 2023
    risk 0.00cvss epss 0.00

    WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop(), which lead to segmentation fault.

  • CVE-2023-31670May 23, 2023
    risk 0.00cvss epss 0.01

    An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service (DoS) via running a crafted binary.

  • CVE-2023-27119Mar 10, 2023
    risk 0.00cvss epss 0.00

    WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild.

  • CVE-2023-27115Mar 10, 2023
    risk 0.00cvss epss 0.00

    WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size.

  • CVE-2023-27117Mar 10, 2023
    risk 0.00cvss epss 0.00

    WebAssembly v1.0.29 was discovered to contain a heap overflow via the component component wabt::Node::operator.

  • CVE-2023-27116Mar 10, 2023
    risk 0.00cvss epss 0.00

    WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleType.

  • CVE-2022-43282Oct 28, 2022
    risk 0.00cvss epss 0.00

    wasm-interp v1.0.29 was discovered to contain an out-of-bounds read via the component OnReturnCallIndirectExpr->GetReturnCallDropKeepCount.

  • CVE-2022-43280Oct 28, 2022
    risk 0.00cvss epss 0.00

    wasm-interp v1.0.29 was discovered to contain an out-of-bounds read via the component OnReturnCallExpr->GetReturnCallDropKeepCount.

  • CVE-2022-43281Oct 28, 2022
    risk 0.00cvss epss 0.00

    wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h.