Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-14956

Опубликовано: 19 дек. 2025
Источник: debian
EPSS Низкий

Описание

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: 4f52bff8c4075b5630422f902dd92a0af2c9f398. It is recommended to apply a patch to fix this issue.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
binaryenunfixedpackage

Примечания

  • https://github.com/WebAssembly/binaryen/issues/8089

  • https://github.com/WebAssembly/binaryen/pull/8092

  • Fixed by: https://github.com/WebAssembly/binaryen/commit/4f52bff8c4075b5630422f902dd92a0af2c9f398

  • Crash in CLI tool, no security impact

EPSS

Процентиль: 8%
0.00029
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-14956

CVSS3: 5.3
ubuntu
около 2 месяцев назад

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: 4f52bff8c4075b5630422f902dd92a0af2c9f398. It is recommended to apply a patch to fix this issue.

nvd логотип

CVE-2025-14956

CVSS3: 5.3
nvd
около 2 месяцев назад

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: 4f52bff8c4075b5630422f902dd92a0af2c9f398. It is recommended to apply a patch to fix this issue.

github логотип

GHSA-vjgx-vcpf-hm6w

CVSS3: 5.3
github
около 2 месяцев назад

A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: 4f52bff8c4075b5630422f902dd92a0af2c9f398. It is recommended to apply a patch to fix this issue.

EPSS

Процентиль: 8%
0.00029
Низкий