Vulnerabilities > CVE-2019-7703 - Use After Free vulnerability in Webassembly Binaryen

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
webassembly
CWE-416
NVD
Published: 2019-02-10
Updated: 2020-06-08

Summary

In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a wasm file, as demonstrated by wasm-merge.

Vulnerable Configurations

Part Description Count
Application
Webassembly
153

Common Weakness Enumeration (CWE)

References