Nixpkgs security tracker
Untriaged
Permalink
CVE-2025-15572
3.3 LOW
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
wasm3 NewCodePage memory leak
A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer at the moment.
References
-
-
-
Submit #752765 | wasm3 main branch Resource Consumption third-party-advisory
-
https://github.com/wasm3/wasm3/issues/550 issue-tracking
-
https://github.com/wasm3/wasm3/ product
Affected products
wasm3
- ==0.3
- ==0.2
- ==0.5.0
- ==0.4
- ==0.1
Matching in nixpkgs
pkgs.wasm3
Fastest WebAssembly interpreter, and the most universal runtime
-
nixos-unstable -
- nixpkgs-unstable wasm32-crate-lib
- nixos-unstable-small wasm32-crate-lib
-
nixos-25.11 wasm32-crate-lib
- nixpkgs-25.11-darwin wasm32-crate-lib
-
nixos-unstable -
- nixpkgs-unstable wasm32-crate-bin-hyphens
- nixos-unstable-small wasm32-crate-bin-hyphens
-
nixos-25.11 wasm32-crate-bin-hyphens
- nixpkgs-25.11-darwin wasm32-crate-bin-hyphens
Package maintainers
-
@malbarbo Marco A L Barbosa <malbarbo@gmail.com>