PT-2023-23411 · Unknown+3 · Wasm-Validate+4
Khagankhan
·
Publicado
2023-05-23
·
Atualizado
2025-01-31
·
CVE-2023-31670
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
wasm2c version 1.0.32
wasm2wat version 1.0.32
wasm-decompile version 1.0.32
wasm-validate version 1.0.32
Description
An issue in the mentioned software allows attackers to cause a Denial of Service (DoS) via running a crafted binary. This can be achieved by running a specifically designed binary that exploits the issue.
Recommendations
For wasm2c version 1.0.32, update to a version that contains a fix for this issue.
For wasm2wat version 1.0.32, update to a version that contains a fix for this issue.
For wasm-decompile version 1.0.32, update to a version that contains a fix for this issue.
For wasm-validate version 1.0.32, update to a version that contains a fix for this issue.
As a temporary workaround, consider restricting the execution of crafted binaries to minimize the risk of exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Debian
Wasm-Decompile
Wasm-Validate
Wasm2C
Wasm2Wat