Kripken

**Name of the Vulnerable Software and Affected Versions** Binaryen version 1.38.32 **Description** An issue in Binaryen can cause a NULL pointer dereference, leading to segmentation faults and denial-of-service when processing crafted input, as demonstrated by wasm2js. This occurs due to two visitors in ir/ExpressionManipulator.cpp. **Recommendations** For Binaryen version 1.38.32, update to a version that fixes the NULL pointer dereference issue in wasm::LocalSet::finalize to prevent denial-of-service attacks.