CVE-2019-7151 (NVD)

2019-01-29

A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt.

Products Binaryen
Type NULL Pointer Dereference (CWE-476)
First patch - None (likely due to unavailable code)
Links https://github.com/WebAssembly/binaryen/issues/1881