PT-2023-23411 · Unknown+3 · Wasm-Validate+4
Khagankhan
·
Published
2023-05-23
·
Updated
2025-01-31
·
CVE-2023-31670
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
wasm2c version 1.0.32
wasm2wat version 1.0.32
wasm-decompile version 1.0.32
wasm-validate version 1.0.32
Description
An issue in the mentioned software allows attackers to cause a Denial of Service (DoS) via running a crafted binary. This can be achieved by running a specifically designed binary that exploits the issue.
Recommendations
For wasm2c version 1.0.32, update to a version that contains a fix for this issue.
For wasm2wat version 1.0.32, update to a version that contains a fix for this issue.
For wasm-decompile version 1.0.32, update to a version that contains a fix for this issue.
For wasm-validate version 1.0.32, update to a version that contains a fix for this issue.
As a temporary workaround, consider restricting the execution of crafted binaries to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Wasm-Decompile
Wasm-Validate
Wasm2C
Wasm2Wat