2019-02-10 23:29:00 2019-02-11 16:58:50

A heap-based buffer over-read was discovered in wasm::SExpressionParser::skipWhitespace() in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm2js.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL