Code injection

2018-09-1004:29:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled.

CPENameOperatorVersion
webassembly_virtual_machineeq<= 2018726

CPE	Name	Operator	Version
	webassembly_virtual_machine	eq	<= 2018726

References

github.com/AndrewScheidecker/WAVM/issues/99