WebAssembly wabt 1.0.36 binary-reader-interp.cc BeginFunctionBody Kari na aiki

Gaskiya vulnerability da aka ware a matsayin karshewa an samu a WebAssembly wabt 1.0.36. Hakika, aikin BinaryReaderInterp::BeginFunctionBody ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil src/interp/binary-reader-interp.cc, a cikin sashen $software_component. A sa manipulation ka Kari na aiki. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-476. Hakika, rauni an bayyana shi 04/02/2025 kamar 2565. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2025-3122. Ngam yiɗi ka a tuma ndiyam ka nder internet. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

2 Goyarwa · 97 Datenpunkte

FurɗeSúgá
04/02/2025 15:42		Gargadi 1/1
09/24/2025 06:10
software_vendorWebAssemblyWebAssembly
software_namewabtwabt
software_version1.0.361.0.36
software_filesrc/interp/binary-reader-interp.ccsrc/interp/binary-reader-interp.cc
software_functionBinaryReaderInterp::BeginFunctionBodyBinaryReaderInterp::BeginFunctionBody
vulnerability_cweCWE-476 (Kari na aiki)CWE-476 (Kari na aiki)
vulnerability_risk11
cvss3_vuldb_avNN
cvss3_vuldb_acHH
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iNN
cvss3_vuldb_aLL
cvss3_vuldb_ePP
cvss3_vuldb_rcRR
advisory_identifier25652565
advisory_urlhttps://github.com/WebAssembly/wabt/issues/2565https://github.com/WebAssembly/wabt/issues/2565
exploit_availability11
exploit_publicity11
exploit_urlhttps://github.com/WebAssembly/wabt/issues/2565#issue-2927572319https://github.com/WebAssembly/wabt/issues/2565#issue-2927572319
source_cveCVE-2025-3122CVE-2025-3122
cna_responsibleVulDBVulDB
cvss2_vuldb_avNN
cvss2_vuldb_acHH
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiNN
cvss2_vuldb_aiPP
cvss2_vuldb_ePOCPOC
cvss2_vuldb_rcURUR
cvss4_vuldb_avNN
cvss4_vuldb_acHH
cvss4_vuldb_prNN
cvss4_vuldb_uiPP
cvss4_vuldb_vcNN
cvss4_vuldb_viNN
cvss4_vuldb_vaLL
cvss4_vuldb_ePP
cvss2_vuldb_rlNDND
cvss3_vuldb_rlXX
cvss4_vuldb_atNN
cvss4_vuldb_scNN
cvss4_vuldb_siNN
cvss4_vuldb_saNN
cvss2_vuldb_basescore2.62.6
cvss2_vuldb_tempscore2.22.2
cvss3_vuldb_basescore3.13.1
cvss3_vuldb_tempscore2.82.8
cvss3_meta_basescore3.13.8
cvss3_meta_tempscore2.83.7
cvss4_vuldb_bscore2.32.3
cvss4_vuldb_btscore1.31.3
advisory_date1743544800 (04/02/2025)1743544800 (04/02/2025)
price_0day$0-$5k$0-$5k
cvss3_cna_aL
cvss3_cna_basescore3.1
cvss3_nvd_avN
cvss3_nvd_acH
cvss3_nvd_prN
cvss3_nvd_uiR
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss3_nvd_basescore5.3
cvss2_cna_avN
cvss2_cna_acH
cvss2_cna_auN
cvss2_cna_ciN
cvss2_cna_iiN
cvss2_cna_aiP
cvss2_cna_basescore2.6
cve_nvd_summaryA vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
cve_nvd_summaryesUna vulnerabilidad clasificada como problemática se encontró en WebAssembly WABT 1.0.36. Afectado por esta vulnerabilidad está la función BinaryReaderInterp::BeginFunctionBody del archivo src/interp/binary-lecter-interp.cc. La manipulación conduce a la deserción del puntero nulo. El ataque se puede lanzar de forma remota. Es un ataque de complejidad bastante alta. Parece difícil de explotar. Se ha hecho público el exploit y puede que sea utilizado.
cvss4_cna_avN
cvss4_cna_acH
cvss4_cna_atN
cvss4_cna_prN
cvss4_cna_uiP
cvss4_cna_vcN
cvss4_cna_viN
cvss4_cna_vaL
cvss4_cna_scN
cvss4_cna_siN
cvss4_cna_saN
cvss4_cna_bscore2.3
cvss3_cna_avN
cvss3_cna_acH
cvss3_cna_prN
cvss3_cna_uiR
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iN

GurɗoGumtiGada

Interested in the pricing of exploits?

See the underground prices here!