CVE-2018-17293
WAVM (before 2018-09-16) is affected. The run() function in Programs/wavm/wavm.cpp does not verify whether Emscripten memory holds the command-line arguments for the WebAssembly file’s main, allowing a crafted WebAssembly file to trigger a NULL-pointer dereference and crash (denial of service) or...