CNNVD-202512-5081 Information

CNNVD ID

CNNVD-202512-5081

Related CVE

CVE-2025-69261

• CNNVD Published: 2025-12-30

Description (Chinese)

WasmEdge是WasmEdge Runtime开源的一个WebAssembly运行时。 WasmEdge 0.16.0-alpha.3之前版本存在输入验证错误漏洞，该漏洞源于乘法运算导致环绕错误，可能引发分段违规。

Description (English)

WasmEdge is a WebAssembly run by WasmEdge Runme. The previous version of WasmEdge 0.16.0-alpha.3 had an input-validation error gap, which stemmed from a multiplication operation leading to a loop error that could trigger a break-in.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

WasmEdge Runtime

Published

2025-12-30

Last Modified

2026-02-24

References

https://github.com/WasmEdge/WasmEdge/commit/37cc9fa19bd23edbbdaa9252059b17f191fa4d17 https://github.com/WasmEdge/WasmEdge/security/advisories/GHSA-89fm-8mr7-gg4m

Patch

https://github.com/WasmEdge/WasmEdge/releases