Webassembly Binaryen

Do you want an email whenever new security vulnerabilities are reported in Webassembly Binaryen?

By the Year

In 2024 there have been 0 vulnerabilities in Webassembly Binaryen . Last year Binaryen had 2 security vulnerabilities published. Right now, Binaryen is on track to have less security vulnerabilities in 2024 than it did last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	2	6.50
2022	6	5.50
2021	2	6.50
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Binaryen vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Webassembly Binaryen Security Vulnerabilities

Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26

CVE-2020-18382 6.5 - Medium - August 22, 2023

Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt.

Memory Corruption

A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26

CVE-2020-18378 6.5 - Medium - August 22, 2023

A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as.

NULL Pointer Dereference

A Stack Overflow vulnerability exists in Binaryen 103

CVE-2021-46050 5.5 - Medium - January 10, 2022

A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function.

Allocation of Resources Without Limits or Throttling

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.

CVE-2021-46048 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.

assertion failure

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

CVE-2021-46055 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

assertion failure

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

CVE-2021-46054 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

assertion failure

A Denial of Service vulnerability exists in Binaryen 103

CVE-2021-46053 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL.

Buffer Overflow

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate.

CVE-2021-46052 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate.

assertion failure

A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.

CVE-2021-45293 5.5 - Medium - December 21, 2021

A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.

Buffer Overflow

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.

CVE-2021-45290 7.5 - High - December 21, 2021

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.

assertion failure

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fedora Project Fedora or by Webassembly? Click the Watch button to subscribe.

Webassembly
Vendor

Webassembly Binaryen
Product

Webassembly Binaryen

By the Year

Recent Webassembly Binaryen Security Vulnerabilities

Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26 CVE-2020-18382 6.5 - Medium - August 22, 2023

A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26 CVE-2020-18378 6.5 - Medium - August 22, 2023

A Stack Overflow vulnerability exists in Binaryen 103 CVE-2021-46050 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions. CVE-2021-46048 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). CVE-2021-46055 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). CVE-2021-46054 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 103 CVE-2021-46053 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate. CVE-2021-46052 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet. CVE-2021-45293 5.5 - Medium - December 21, 2021

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable. CVE-2021-45290 7.5 - High - December 21, 2021

Stay on top of Security Vulnerabilities

Webassembly Vendor

Webassembly BinaryenProduct

Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26

CVE-2020-18382 6.5 - Medium - August 22, 2023

A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26

CVE-2020-18378 6.5 - Medium - August 22, 2023

A Stack Overflow vulnerability exists in Binaryen 103

CVE-2021-46050 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.

CVE-2021-46048 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

CVE-2021-46055 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).

CVE-2021-46054 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 103

CVE-2021-46053 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate.

CVE-2021-46052 5.5 - Medium - January 10, 2022

A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.

CVE-2021-45293 5.5 - Medium - December 21, 2021

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.

CVE-2021-45290 7.5 - High - December 21, 2021

Webassembly
Vendor

Webassembly Binaryen
Product