Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-25431

Date: November 7, 2024

An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility function.

Language: C

Severity Score

Related Resources (5)

https://nvd.nist.gov/vuln/detail/CVE-2024-25431
https://github.com/bytecodealliance/wasm-micro-runtime/issues/3122
https://github.com/bytecodealliance/wasm-micro-runtime/pull/3126
https://gist.github.com/haruki3hhh/bd228e6dcaf8c18140e1074964912b39
https://www.mend.io/vulnerability-database/CVE-2024-25431

Severity Score

Weakness Type (CWE)

Out-of-bounds Read

CWE-125

Uncontrolled Resource Consumption

CWE-400

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us