Vulnerabilities > CVE-2019-7703 - Use After Free vulnerability in Webassembly Binaryen

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
webassembly
CWE-416
NVD
Published: 2019-02-10
Updated: 2019-02-11

Summary

In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a wasm file, as demonstrated by wasm-merge.

Vulnerable Configurations

Part Description Count
Application
Webassembly
64

Common Weakness Enumeration (CWE)

References