CNNVD-202506-2599 Information

Jun 19, 2025 cve

CNNVD ID

CNNVD-202506-2599

CVE-2025-6274

CNNVD Published: 2025-06-19

Description (Chinese)

WebAssembly wabt是WebAssembly开源的一个WebAssembly二进制工具包。 WebAssembly wabt 1.0.37及之前版本存在资源管理错误漏洞，该漏洞源于文件src/interp/binary-reader-interp.cc中函数OnDataCount存在资源消耗。

Description (English)

WebAssembly Wabt is a WebAssembly binary toolkit from WebAssembly Open Source. There is a resource management error loophole in WebAssembly 1.0.37 and previous versions, which stems from the resource consumption of the OnDataCount function in document src/interp/binary-reader-interp.cc.

Hazard Level

Critical

Vulnerability Type

资源管理错误

Affected Vendor

WebAssembly

Published

2025-06-19

Last Modified

2026-02-24

References

https://github.com/WebAssembly/wabt/issues/2598 https://github.com/user-attachments/files/20191325/wabt_crash_4.txt https://vuldb.com/?ctiid.313278 https://vuldb.com/?submit.593016 https://vuldb.com/?id.313278 https://access.redhat.com/security/cve/cve-2025-6274

Share on: