Lucene search
K
WebassemblyBinaryen

13 matches found

CVE
CVE
added 2019/08/29 1:2 a.m.190 views

CVE-2019-15758

CVE-2019-15758 affects Binaryen 1.38.32. The issue is caused by missing validation rules in asmjs/asmangle.cpp, leading to an Assertion Failure in wasm/wasm.cpp (wasm::asmangle). A crafted input can cause denial-of-service, as demonstrated by wasm2js. Connected reports consistently describe the s...

6.5CVSS6.3AI score0.01242EPSS
CVE
CVE
added 2019/08/29 1:1 a.m.178 views

CVE-2019-15759

CVE-2019-15759 affects Binaryen 1.38.32. Two visitors in ir/ExpressionManipulator.cpp can trigger a NULL pointer dereference in wasm::LocalSet::finalize within wasm/wasm.cpp, leading to segmentation faults and denial-of-service (as demonstrated by wasm2js). Connected sources (NVD, Red Hat, OSV, U...

6.5CVSS6.3AI score0.01253EPSS
CVE
CVE
added 2019/02/10 10:0 p.m.69 views

CVE-2019-7703

In Binaryen 1.38.22, a use-after-free flaw in wasm::WasmBinaryBuilder::visitCall (wasm-binary.cpp) allows remote attackers to trigger denial-of-service by processing a crafted wasm file (as demonstrated by wasm-merge). The CVE description and multiple connected records confirm the affected compon...

6.5CVSS6.3AI score0.01459EPSS
CVE
CVE
added 2019/02/10 10:0 p.m.65 views

CVE-2019-7701

CVE-2019-7701 affects Binaryen 1.38.22: a heap-based buffer over-read in wasm-s-parser.cpp, wasm::SExpressionParser::skipWhitespace(). A crafted wasm input can trigger a segmentation fault and denial-of-service (as demonstrated by wasm2js). Affected component is the S-Expression parser; root caus...

6.5CVSS6.4AI score0.01153EPSS
CVE
CVE
added 2019/02/10 10:0 p.m.63 views

CVE-2019-7702

Technical details about CVE-2019-7702 are not publicly available in the provided connected documents. Monitor for updates; no confirmed affected products, versions, or fixes are disclosed here.

6.5CVSS6.3AI score0.0115EPSS
CVE
CVE
added 2019/01/29 12:0 a.m.59 views

CVE-2019-7153

CVE-2019-7153 describes a NULL pointer dereference in Binaryen 1.38.22, specifically in wasm/wasm-binary.cpp during wasm::WasmBinaryBuilder::processFunctions() when calling wasm::WasmBinaryBuilder::getFunctionIndexName. A crafted input can cause segmentation faults, leading to denial-of-service, ...

6.5CVSS6.3AI score0.01169EPSS
CVE
CVE
added 2019/01/29 12:0 a.m.57 views

CVE-2019-7151

CVE-2019-7151: A NULL pointer dereference in wasm::Module::getFunctionOrNull (Binaryen 1.38.22, wasm/wasm.cpp) can cause a segmentation fault and denial-of-service, as demonstrated by wasm-opt. The vulnerability affects Binaryen’s wasm module handling and is triggered by crafted input. No remedia...

6.5CVSS6.3AI score0.01156EPSS
CVE
CVE
added 2019/01/29 12:0 a.m.55 views

CVE-2019-7152

CVE-2019-7152 affects Binaryen 1.38.22. A heap-based buffer over-read in wasm-binary.cpp (WasmBinaryBuilder::processFunctions, via getFunctionIndexName) can cause segmentation faults and denial-of-service when processing crafted input (e.g., via wasm-opt). The provided documents do not specify a ...

6.5CVSS6.5AI score0.01153EPSS
CVE
CVE
added 2019/02/10 10:0 p.m.55 views

CVE-2019-7700

The CVE-2019-7700 issue involves a heap-based buffer over-read in Binaryen 1.38.22, specifically in wasm::WasmBinaryBuilder::visitCall within wasm-binary.cpp. The vulnerability occurs when processing crafted WASM input, which can trigger a segmentation fault and cause denial-of-service (as demons...

6.5CVSS6.4AI score0.01153EPSS
CVE
CVE
added 2019/02/10 10:0 p.m.54 views

CVE-2019-7704

The CVE concerns Binaryen, specifically wasm-binary.cpp: WasmBinaryBuilder::readUserSection in Binaryen 1.38.22. The issue is an attempt at excessive memory allocation triggered by wasm-merge/wasm-opt, indicating a potential memory exhaustion vulnerability in the WebAssembly toolchain component. ...

6.5CVSS6.4AI score0.01163EPSS
CVE
CVE
added 2019/01/29 12:0 a.m.53 views

CVE-2019-7154

The CVE-2019-7154 issue affects Binaryen 1.38.22, specifically the main function in tools/wasm2js.cpp. The root cause is a heap-based buffer overflow caused by misusing Emscripten, which triggers an error in cashew::JSPrinter::printAst() within emscripten-optimizer/simple_ast.h. A crafted input c...

6.5CVSS6.6AI score0.01118EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.49 views

CVE-2020-18378

CVE-2020-18378 affects Binaryen 1.38.26. A NULL pointer dereference in SExpressionWasmBuilder::makeBlock (wasm/wasm-s-parser.c) can cause a segmentation fault and denial-of-service when processing crafted wasm input. The connected PT-2023-11493 entry reiterates Binaryen 1.38.26 as vulnerable and ...

6.5CVSS6.3AI score0.00525EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.40 views

CVE-2020-18382

Affected software: Binaryen 1.38.26. Vulnerability: heap-buffer-overflow in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) within src/wasm/wasm-binary.cpp, causing a segmentation fault and denial-of-service when processing crafted wasm inputs (as demonstrated by wasm-opt). Impact: denial-of-se...

6.5CVSS6.3AI score0.00525EPSS