—
PYSEC-2025-186
Details
A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / pywasm3
Introduced in:
0 No fixed version published yet for pywasm3 (pip). Pin to a known-safe version or switch to an alternative.
References
- https://vuldb.com/?id.313276 [ADVISORY]
- https://vuldb.com/?submit.593008 [ADVISORY]
- https://github.com/wasm3/wasm3/issues/531 [REPORT]
- https://vuldb.com/?ctiid.313276 [REPORT]
- https://github.com/user-attachments/files/19516600/wasm3_crash.txt [EVIDENCE]