CVE-2019-7702

2019-02-1022:29:00

Google

osv.dev

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.0%

JSON

A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as.

CPENameOperatorVersion
binaryeneq1.37.10
binaryeneq1.37.2
binaryeneqersion_12
binaryeneqersion_32
binaryeneq1.37.4
binaryeneqersion_33
binaryeneq1.37.3
binaryeneq1.37.20
binaryeneq1.38.17
binaryeneqersion_9

Name	Operator	Version
binaryen	eq	1.37.10
binaryen	eq	1.37.2
binaryen	eq	ersion_12
binaryen	eq	ersion_32
binaryen	eq	1.37.4
binaryen	eq	ersion_33
binaryen	eq	1.37.3
binaryen	eq	1.37.20
binaryen	eq	1.38.17
binaryen	eq	ersion_9