Khagankhan

**Name of the Vulnerable Software and Affected Versions** WebAssembly wat2wasm version 1.0.32 **Description** The issue allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote (""). **Recommendations** For version 1.0.32, avoid using the '@' symbol before a quote (") in the input to prevent the crash. As a temporary workaround, consider validating the input to ensure it does not contain the '@' symbol before a quote until a patch is available.

**Name of the Vulnerable Software and Affected Versions** wasm2c version 1.0.32 wasm2wat version 1.0.32 wasm-decompile version 1.0.32 wasm-validate version 1.0.32 **Description** An issue in the mentioned software allows attackers to cause a Denial of Service (DoS) via running a crafted binary. This can be achieved by running a specifically designed binary that exploits the issue. **Recommendations** For wasm2c version 1.0.32, update to a version that contains a fix for this issue. For wasm2wat version 1.0.32, update to a version that contains a fix for this issue. For wasm-decompile version 1.0.32, update to a version that contains a fix for this issue. For wasm-validate version 1.0.32, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting the execution of crafted binaries to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WebAssembly version 1.0 **Description** An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop. **Recommendations** For WebAssembly version 1.0, consider disabling the hang.wasm component as a temporary workaround until a patch is available.