ID CVE-2019-7703
Summary In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a wasm file, as demonstrated by wasm-merge.
References
Vulnerable Configurations
  • cpe:2.3:a:webassembly:binaryen:1.38.22
    cpe:2.3:a:webassembly:binaryen:1.38.22
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-416
CAPEC
refmap via4
misc https://github.com/WebAssembly/binaryen/issues/1865
Last major update 10-02-2019 - 17:29
Published 10-02-2019 - 17:29
Last modified 11-02-2019 - 11:18
Back to Top