CVE-2019-15758 (NVD)

2019-08-29

An issue was discovered in Binaryen 1.38.32. Missing validation rules in asmjs/asmangle.cpp can lead to an Assertion Failure at wasm/wasm.cpp in wasm::asmangle. A crafted input can cause denial-of-service, as demonstrated by wasm2js.

Products Binaryen
Type Reachable Assertion (CWE-617)
First patch - None (likely due to unavailable code)
Links https://github.com/WebAssembly/binaryen/issues/2288
https://github.com/WebAssembly/binaryen/pull/2290