25 matches found
CVE-2019-15758
CVE-2019-15758 affects Binaryen 1.38.32. The issue is caused by missing validation rules in asmjs/asmangle.cpp, leading to an Assertion Failure in wasm/wasm.cpp (wasm::asmangle). A crafted input can cause denial-of-service, as demonstrated by wasm2js. Connected reports consistently describe the s...
CVE-2019-15759
CVE-2019-15759 affects Binaryen 1.38.32. Two visitors in ir/ExpressionManipulator.cpp can trigger a NULL pointer dereference in wasm::LocalSet::finalize within wasm/wasm.cpp, leading to segmentation faults and denial-of-service (as demonstrated by wasm2js). Connected sources (NVD, Red Hat, OSV, U...
CVE-2021-45290
Binaryen 103 has a Denial of Service vulnerability caused by an assertion abort in wasm::handle_unreachable. Affected component is Binaryen 103; impact is availability (as per the CVE entry). The provided connected documents do not include exploit details or remediation.
CVE-2021-45293
Binaryen 103 is affected by a Denial of Service vulnerability caused by an invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet. The CVE entry (CVE-2021-45293) and multiple sources (NVD, CNVD, OSV) describe the issue as a DoS condition; exploitation details are not provided in ...
CVE-2019-7703
In Binaryen 1.38.22, a use-after-free flaw in wasm::WasmBinaryBuilder::visitCall (wasm-binary.cpp) allows remote attackers to trigger denial-of-service by processing a crafted wasm file (as demonstrated by wasm-merge). The CVE description and multiple connected records confirm the affected compon...
CVE-2019-7701
CVE-2019-7701 affects Binaryen 1.38.22: a heap-based buffer over-read in wasm-s-parser.cpp, wasm::SExpressionParser::skipWhitespace(). A crafted wasm input can trigger a segmentation fault and denial-of-service (as demonstrated by wasm2js). Affected component is the S-Expression parser; root caus...
CVE-2019-7702
Technical details about CVE-2019-7702 are not publicly available in the provided connected documents. Monitor for updates; no confirmed affected products, versions, or fixes are disclosed here.
CVE-2021-46050
CVE-2021-46050 describes a stack overflow in Binaryen 103 involving the printf_common function. The linked sources across multiple feeds (CNVD/CNNVD/OSV/Ubuntu/NVD and Nessus) consistently identify a stack-based overflow in printf_common that can affect Binaryen 103. The impact is described as a ...
CVE-2021-46052
CVE-2021-46052 concerns a Denial of Service in Binaryen 104 caused by an assertion abort in wasm::Tuple::validate. The vulnerability is triggered within the Binaryen project’s WebAssembly tooling, with no public details on exploit specifics, vectors, or affected subversions beyond version 104. Th...
CVE-2019-7153
CVE-2019-7153 describes a NULL pointer dereference in Binaryen 1.38.22, specifically in wasm/wasm-binary.cpp during wasm::WasmBinaryBuilder::processFunctions() when calling wasm::WasmBinaryBuilder::getFunctionIndexName. A crafted input can cause segmentation faults, leading to denial-of-service, ...
CVE-2021-46054
CVE-2021-46054 affects Binaryen 104 and is described in multiple sources as a Denial of Service due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). The public documents consistently identify the vulnerable component as Binaryen 104 and the underling cause as an ass...
CVE-2021-46055
CVE-2021-46055 affects Binaryen 104 and describes a Denial of Service caused by an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). The vulnerability’s impact, per linked sources, is an availability disruption (DoS) without details on exploitable vectors or affected versi...
CVE-2019-7151
CVE-2019-7151: A NULL pointer dereference in wasm::Module::getFunctionOrNull (Binaryen 1.38.22, wasm/wasm.cpp) can cause a segmentation fault and denial-of-service, as demonstrated by wasm-opt. The vulnerability affects Binaryen’s wasm module handling and is triggered by crafted input. No remedia...
CVE-2019-7152
CVE-2019-7152 affects Binaryen 1.38.22. A heap-based buffer over-read in wasm-binary.cpp (WasmBinaryBuilder::processFunctions, via getFunctionIndexName) can cause segmentation faults and denial-of-service when processing crafted input (e.g., via wasm-opt). The provided documents do not specify a ...
CVE-2019-7700
The CVE-2019-7700 issue involves a heap-based buffer over-read in Binaryen 1.38.22, specifically in wasm::WasmBinaryBuilder::visitCall within wasm-binary.cpp. The vulnerability occurs when processing crafted WASM input, which can trigger a segmentation fault and cause denial-of-service (as demons...
CVE-2021-46053
CVE-2021-46053 is a Denial of Service vulnerability in Binaryen 103 where the program terminates with signal SIGKILL. The available sources consistently describe the issue but do not provide concrete technical details, exploit vectors, affected versions beyond the 103 release, or remediation step...
CVE-2019-7704
The CVE concerns Binaryen, specifically wasm-binary.cpp: WasmBinaryBuilder::readUserSection in Binaryen 1.38.22. The issue is an attempt at excessive memory allocation triggered by wasm-merge/wasm-opt, indicating a potential memory exhaustion vulnerability in the WebAssembly toolchain component. ...
CVE-2021-46048
CVE-2021-46048 : A Denial of Service vulnerability exists in Binaryen 104 caused by an assertion abort in wasm::WasmBinaryBuilder::readFunctions. The connected documents consistently reference Binaryen 104 and this exact function as the root cause, with impact described as DoS. No public exploit ...
CVE-2019-7154
The CVE-2019-7154 issue affects Binaryen 1.38.22, specifically the main function in tools/wasm2js.cpp. The root cause is a heap-based buffer overflow caused by misusing Emscripten, which triggers an error in cashew::JSPrinter::printAst() within emscripten-optimizer/simple_ast.h. A crafted input c...
CVE-2019-7662
CVE-2019-7662 affects Binaryen 1.38.22, where an assertion failure in wasm-binary.cpp::WasmBinaryBuilder::getType() can be triggered by a crafted wasm file, leading to remote denial of service through a crash. The available connected documents confirm the root cause and impact (DoS via crafted wa...
CVE-2020-18378
CVE-2020-18378 affects Binaryen 1.38.26. A NULL pointer dereference in SExpressionWasmBuilder::makeBlock (wasm/wasm-s-parser.c) can cause a segmentation fault and denial-of-service when processing crafted wasm input. The connected PT-2023-11493 entry reiterates Binaryen 1.38.26 as vulnerable and ...
CVE-2020-18382
Affected software: Binaryen 1.38.26. Vulnerability: heap-buffer-overflow in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) within src/wasm/wasm-binary.cpp, causing a segmentation fault and denial-of-service when processing crafted wasm inputs (as demonstrated by wasm-opt). Impact: denial-of-se...
CVE-2025-14956
CVE-2025-14956 affects WebAssembly Binaryen up to 125. The vulnerability is in WasmBinaryReader::readExport (src/wasm/wasm-binary.cpp), causing a heap-based buffer overflow that can be exploited on the local host. Public exploit details exist; patch referenced as 4f52bff8c4075b5630422f902dd92a0af...
CVE-2025-14957
CVE-2025-14957 affects WebAssembly Binaryen (IRBuilder) up to 125, specifically IRBuilder::makeLocalGet/ makeLocalSet/ makeLocalTee in wasm-ir-builder.cpp. The vulnerability arises from manipulating the Local Index argument, triggering a NULL pointer dereference when processing a malformed binary...
CVE-2026-8257
The CVE affects WebAssembly Binaryen up to 117, specifically the BrOn Parser component’s IRBuilder::makeBrOn in src/wasm/wasm-ir-builder.cpp. A reachable assertion can be triggered by manipulation in this function. Local attack vector; the exploit is public and may be used. A patch exists (hash: ...