CNNVD-202506-2598 Information

Jun 19, 2025 cve

CNNVD ID

CNNVD-202506-2598

CVE-2025-6275

CNNVD Published: 2025-06-19

Description (Chinese)

WebAssembly wabt是WebAssembly开源的一个WebAssembly二进制工具包。 WebAssembly wabt 1.0.37及之前版本存在资源管理错误漏洞，该漏洞源于文件src/interp/binary-reader-interp.cc中函数GetFuncOffset存在释放后重用。

Description (English)

WebAssembly Wabt is a WebAssembly binary toolkit from WebAssembly Open Source. There is a resource management error gap in WebAssembly 1.0.37 and earlier versions, which stems from the release and reuse of the function GetFuncofset in document src/interp/binary-reader-interp.cc.

Hazard Level

Critical

Vulnerability Type

资源管理错误

Affected Vendor

WebAssembly

Published

2025-06-19

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.313279 https://vuldb.com/?submit.593017 https://vuldb.com/?id.313279 https://github.com/user-attachments/files/20623626/wabt_crash_5.txt https://github.com/WebAssembly/wabt/issues/2614 https://access.redhat.com/security/cve/cve-2025-6275

Share on: