Denial of Service Vulnerability in Binaryen by WebAssembly
CVE-2021-46054

5.5MEDIUM

Key Information:

Vendor: Webassembly
Status: Binaryen
Vendor: CVE Published:; 10 January 2022

🔔 Create Webassembly Vulnerability Alert

What is CVE-2021-46054?

A Denial of Service vulnerability has been identified in Binaryen version 104. This issue arises due to an assertion abort triggered during the processing of the 'rethrow' operation in the WasmBinaryBuilder component. Attackers could potentially exploit this vulnerability to cause disruptions in service, thereby affecting the availability and functionality of applications utilizing Binaryen.

References

https://github.com/WebAssembly/binaryen/issues/4410

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 10, 2022
Vulnerability Reserved
Jan 3, 2022

JSON