Vulnerability Description
A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer at the moment.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wasm3 Project | Wasm3 | <= 0.5.0 |
Related Weaknesses (CWE)
References
- https://github.com/oneafter/cve-proofs/blob/main/POC-20251203-07/reproExploit
- https://github.com/wasm3/wasm3/Product
- https://github.com/wasm3/wasm3/issues/550ExploitIssue Tracking
- https://vuldb.com/?ctiid.344934Permissions RequiredVDB Entry
- https://vuldb.com/?id.344934Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.752765Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-15572?
CVE-2025-15572 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has be...
How severe is CVE-2025-15572?
CVE-2025-15572 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-15572?
Check the references section above for vendor advisories and patch information. Affected products include: Wasm3 Project Wasm3.