Denial of Service Vulnerability in Binaryen by WebAssembly
CVE-2021-46052

5.5MEDIUM

Key Information:

Vendor: Webassembly
Status: Binaryen
Vendor: CVE Published:; 10 January 2022

🔔 Create Webassembly Vulnerability Alert

What is CVE-2021-46052?

A Denial of Service vulnerability has been identified in Binaryen 104, stemming from an assertion abort in the wasm::Tuple::validate function. This flaw could allow attackers to disrupt service by exploiting the vulnerable component. Organizations utilizing Binaryen should assess their systems for potential exposure and apply any available patches or mitigations to enhance security.

References

https://github.com/WebAssembly/binaryen/issues/4411

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 10, 2022
Vulnerability Reserved
Jan 3, 2022

JSON