Vulnerabilities > CVE-2018-16766 - Always-Incorrect Control Flow Implementation vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached.