CVE-2025-2368
- Source
- https://cve.org/CVERecord?id=CVE-2025-2368
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-2368.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-2368
- Downstream
- Published
- 2025-03-17T08:00:05.922Z
- Modified
- 2026-05-15T04:13:11.049729052Z
- Severity
-
- 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow
- Details
-
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
- Database specific
{ "cwe_ids": [ "CWE-119", "CWE-122" ], "cna_assigner": "VulDB", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2368.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2368.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-2368
- https://vuldb.com/?id.299867
- https://vuldb.com/?submit.515327
- https://github.com/WebAssembly/wabt/issues/2537
- https://github.com/WebAssembly/wabt/issues/2556
- https://github.com/WebAssembly/wabt/issues/2556#issue-2899598349
- https://vuldb.com/?ctiid.299867
- https://github.com/WebAssembly/wabt/pull/2541