CNNVD-202512-3813 Information

CNNVD ID

CNNVD-202512-3813

Related CVE

CVE-2025-14957

• CNNVD Published: 2025-12-19

Description (Chinese)

Binaryen是WebAssembly开源的一款使用C++编写的用于WebAssembly的编译器基础结构和工具链库。 Binaryen 125及之前版本存在代码问题漏洞，该漏洞源于IRBuilder组件中函数IRBuilder::makeLocalGet的错误操作，可能导致空指针取消引用。

Description (English)

Binaryen is a section of WebAssembly Open Source that uses the C++ for WebAssembly’s compiler infrastructure and tool chains. Binaryen 125 and previous versions have a code problem loophole, which is the result of an error in the IRBuilder component, IRBuilder::makeLocalGet, which could lead to the loss of references by an empty pointer.

Hazard Level

Critical

Vulnerability Type

代码问题

Affected Vendor

WebAssembly

Published

2025-12-19

Last Modified

2026-02-24

References

https://github.com/WebAssembly/binaryen/commit/6fb2b917a79578ab44cf3b900a6da4c27251e0d4 https://github.com/WebAssembly/binaryen/issues/8090 https://github.com/WebAssembly/binaryen/pull/8099 https://github.com/oneafter/1204/blob/main/af1 https://vuldb.com/?ctiid.337593 https://vuldb.com/?id.337593 https://vuldb.com/?submit.717317 https://vuldb.com/?submit.717319