CVE-2025-14957
- Source
- https://cve.org/CVERecord?id=CVE-2025-14957
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14957.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-14957
- Downstream
- Published
- 2025-12-19T17:15:51.657Z
- Modified
- 2026-03-15T22:50:35.371774Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBuilder::makeLocalSet/IRBuilder::makeLocalTee of the file src/wasm/wasm-ir-builder.cpp of the component IRBuilder. Such manipulation of the argument Index leads to null pointer dereference. Local access is required to approach this attack. The exploit is publicly available and might be used. The name of the patch is 6fb2b917a79578ab44cf3b900a6da4c27251e0d4. Applying a patch is advised to resolve this issue.
- References
-
- https://github.com/WebAssembly/binaryen/
- https://github.com/oneafter/1204/blob/main/af1
- https://vuldb.com/?id.337593
- https://vuldb.com/?submit.717319
- https://vuldb.com/?submit.717317
- https://github.com/WebAssembly/binaryen/issues/8090
- https://github.com/WebAssembly/binaryen/pull/8099
- https://vuldb.com/?ctiid.337593
- https://github.com/WebAssembly/binaryen/commit/6fb2b917a79578ab44cf3b900a6da4c27251e0d4
Affected packages
Git / github.com/webassembly/binaryen
Affected versions
1.*
1.36.10
1.36.11
1.36.12
1.36.13
1.36.14
1.36.2
1.36.3
1.36.4
1.36.5
1.36.6
1.36.7
1.36.8
1.36.9
1.37.0
1.37.1
1.37.10
1.37.11
1.37.12
1.37.13
1.37.14
1.37.15
1.37.16
1.37.17
1.37.18
1.37.19
1.37.2
1.37.20
1.37.21
1.37.22
1.37.23
1.37.24
1.37.25
1.37.26
1.37.27
1.37.28
1.37.29
1.37.3
1.37.30
1.37.31
1.37.32
1.37.33
1.37.34
1.37.35
1.37.36
1.37.37
1.37.39
1.37.4
1.37.40
1.37.5
1.37.6
1.37.7
1.37.8
1.37.9
1.38.0
1.38.1
1.38.10
1.38.11
1.38.12
1.38.13
1.38.14
1.38.15
1.38.16
1.38.17
1.38.18
1.38.19
1.38.2
1.38.20
1.38.21
1.38.22
1.38.23
1.38.24
1.38.25
1.38.26
1.38.27
1.38.28
1.38.29
1.38.3
1.38.30
1.38.31
1.38.32
1.38.4
1.38.47
1.38.48
1.38.5
1.38.6
1.38.7
1.38.8
1.38.9
1.39.1
Other
binary_0xb
rebuild-121
version_1
version_10
version_100
version_101
version_102
version_103
version_104
version_105
version_106
version_107
version_108
version_109
version_11
version_110
version_111
version_112
version_113
version_114
version_115
version_116
version_117
version_118
version_119
version_12
version_120
version_120_b
version_121
version_122
version_123
version_124
version_125
version_13
version_14
version_15
version_16
version_17
version_18
version_19
version_2
version_20
version_21
version_22
version_23
version_24
version_25
version_26
version_27
version_28
version_29
version_3
version_30
version_31
version_32
version_33
version_34
version_35
version_36
version_37
version_38
version_39
version_4
version_40
version_41
version_42
version_43
version_44
version_45
version_46
version_47
version_48
version_49
version_5
version_50
version_51
version_52
version_53
version_54
version_55
version_56
version_57
version_58
version_59
version_6
version_60
version_61
version_62
version_63
version_64
version_65
version_66
version_67
version_68
version_69
version_7
version_70
version_71
version_72
version_73
version_74
version_75
version_76
version_77
version_78
version_79
version_8
version_80
version_81
version_82
version_83
version_84
version_85
version_86
version_87
version_88
version_89
version_9
version_90
version_91
version_92
version_93
version_94
version_95
version_96
version_97
version_98
version_99
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/wasm/wasm-ir-builder.cpp",
"function": "IRBuilder::makeLocalGet"
},
"id": "CVE-2025-14957-05b5addf",
"deprecated": false,
"source": "https://github.com/webassembly/binaryen/commit/6fb2b917a79578ab44cf3b900a6da4c27251e0d4",
"digest": {
"function_hash": "37150401213921437638495408923897731541",
"length": 231.0
}
},
{
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/wasm/wasm-ir-builder.cpp"
},
"id": "CVE-2025-14957-9724968f",
"deprecated": false,
"source": "https://github.com/webassembly/binaryen/commit/6fb2b917a79578ab44cf3b900a6da4c27251e0d4",
"digest": {
"line_hashes": [
"65441754353024101277539308434159489327",
"207873389646354154682199852490523773173",
"219349994740340068868696286143452017109",
"166706870223361901880824879789026356755",
"232751961893424969708494111437530940202",
"141402255153278176322461148032485203893",
"74260984435590539904607112954906817945",
"66222039135351211860914597854891841928",
"209497641050048235992456462459555589116",
"318822604100098903653366680634304782248",
"302096927631525680812671872706320625246",
"66222039135351211860914597854891841928"
],
"threshold": 0.9
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/wasm/wasm-ir-builder.cpp",
"function": "IRBuilder::makeLocalSet"
},
"id": "CVE-2025-14957-9efbc9e0",
"deprecated": false,
"source": "https://github.com/webassembly/binaryen/commit/6fb2b917a79578ab44cf3b900a6da4c27251e0d4",
"digest": {
"function_hash": "289982815675862881458904321668324794935",
"length": 280.0
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/wasm/wasm-ir-builder.cpp",
"function": "IRBuilder::makeLocalTee"
},
"id": "CVE-2025-14957-f6e01615",
"deprecated": false,
"source": "https://github.com/webassembly/binaryen/commit/6fb2b917a79578ab44cf3b900a6da4c27251e0d4",
"digest": {
"function_hash": "282749212566432830466598371267514264991",
"length": 313.0
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14957.json"