Vulnerabilities > CVE-2019-7151 - NULL Pointer Dereference vulnerability in Webassembly Binaryen

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
webassembly
CWE-476
NVD
Published: 2019-01-29
Updated: 2019-01-29

Summary

A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.

Vulnerable Configurations

Part Description Count
Application
Webassembly
65

Common Weakness Enumeration (CWE)

References