ID CVE-2019-7702
Summary A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as.
References
Vulnerable Configurations
  • cpe:2.3:a:webassembly:binaryen:1.38.22
    cpe:2.3:a:webassembly:binaryen:1.38.22
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-476
CAPEC
refmap via4
misc https://github.com/WebAssembly/binaryen/issues/1867
Last major update 10-02-2019 - 17:29
Published 10-02-2019 - 17:29
Last modified 11-02-2019 - 11:17
Back to Top