exploitDog

CVE-2025-64704

Опубликовано: 25 нояб. 2025

Источник: nvd

CVSS3: 4.7

CVSS3: 5.5

EPSS Низкий

Описание

WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior to version 2.4.4, WAMR is susceptible to a segmentation fault in v128.store instruction. This issue has been patched in version 2.4.4.

Ссылки

https://github.com/bytecodealliance/wasm-micro-runtime/releases/tag/WAMR-2.4.4
Release Notes
https://github.com/bytecodealliance/wasm-micro-runtime/security/advisories/GHSA-2f2p-wf5w-82qr
Exploit
Vendor Advisory
https://github.com/bytecodealliance/wasm-micro-runtime/security/advisories/GHSA-2f2p-wf5w-82qr
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bytecodealliance:webassembly_micro_runtime:*:*:*:*:*:*:*:*

Версия до 2.4.4 (исключая)

EPSS

Процентиль: 2%

0.00014

Низкий

4.7 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-754

Связанные уязвимости

CVE-2025-64704

msrc

22 дня назад

WebAssembly Micro Runtime vulnerable to a segmentation fault in v128.store instruction

EPSS

Процентиль: 2%

0.00014

Низкий

4.7 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-754