CVE-2025-14956

Name
CVE-2025-14956
Description
A vulnerability was found in WebAssembly Binaryen up to 125. It affects the function WasmBinaryReader::readExport in the file src/wasm/wasm-binary.cpp. The manipulation causes a heap-based buffer overflow. The attack can be launched on the local host. The exploit has been publicly disclosed and may be used. Patch name: 4f52bff8c4075b5630422f902dd92a0af2c9f398. Applying the patch is recommended to fix this issue.
NVD Severity
unknown

References

Type                  URI
patch                 https://github.com/WebAssembly/binaryen/commit/4f52bff8c4075b5630422f902dd92a0af2c9f398
issue-tracking        https://github.com/WebAssembly/binaryen/issues/8089
issue-tracking        https://github.com/WebAssembly/binaryen/pull/8092
exploit               https://github.com/oneafter/1204/blob/main/hbf
signature             https://vuldb.com/?ctiid.337592
vdb-entry             https://vuldb.com/?id.337592
third-party-advisory  https://vuldb.com/?submit.717315

Match rules

CPE URI Source package Min version Max version
binaryen == 125 == None
cpe:2.3:a:webassembly:binaryen:*:*:*:*:*:*:*:* binaryen >= None <= 125

Vulnerable and fixed packages

Source package  Branch          Version  Maintainer                        Status
binaryen        edge-community  123-r1   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        edge-community  123-r0   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        edge-community  121-r2   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        edge-community  121-r1   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        edge-community  121-r0   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        edge-community  120-r0   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        3.23-community  123-r1   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        3.22-community  123-r0   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable
binaryen        3.22-community  120-r0   Jakub Jirutka <jakub@jirutka.cz>  possibly vulnerable