CVE-2025-6272: pywasm3 has Improper Restriction of Operations within the Bounds of a Memory Buffer
A vulnerability has been found in wasm3 0.5.0 and classified as problematic. It affects the function MarkSlotAllocated in the file source/m3_compile.c. The manipulation leads to an out-of-bounds write. The attack must be carried out locally. The exploit has been disclosed to the public and may be used.
References
- github.com/advisories/GHSA-rrmw-gv85-w824
- github.com/pypa/advisory-database/tree/main/vulns/pywasm3/PYSEC-2025-186.yaml
- github.com/user-attachments/files/19516600/wasm3_crash.txt
- github.com/wasm3/pywasm3/blob/main/wasm3/m3_compile.c
- github.com/wasm3/wasm3/issues/531
- nvd.nist.gov/vuln/detail/CVE-2025-6272
- vuldb.com/?ctiid.313276
- vuldb.com/?id.313276
- vuldb.com/?submit.593008