CVE-2025-6273

Sažetak

A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to reachable assertion. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains that this issue might not affect "real world wasm programs".

Reference

https://github.com/WebAssembly/wabt/issues/2574
https://github.com/user-attachments/files/19529411/wabt_crash.txt
https://vuldb.com/?ctiid.313277
https://vuldb.com/?id.313277
https://vuldb.com/?submit.593010

CVSS

Base:	1.7
Impact:	2.9
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:N/I:N/A:P

Zadnje važnije ažuriranje

19-06-2025 - 19:15

Objavljeno

19-06-2025 - 19:15