CVE-2020-18382 - OpenCVE

Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Webassembly	Binaryen

Configuration 1 [-]

cpe:2.3:a:webassembly:binaryen:1.38.26:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/WebAssembly/binaryen/issues/1900	Exploit Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-08-22T00:00:00

Updated: 2023-08-22T15:45:46.416660

Reserved: 2020-08-13T00:00:00

Link: CVE-2020-18382

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-08-22T19:15:55.203

Modified: 2023-08-25T20:22:32.513

Link: CVE-2020-18382

JSON object: View

Redhat Information

No data.

CWE

CWE-787