WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote (").
References
Link | Resource |
---|---|
https://github.com/WebAssembly/wabt/issues/2165 | Exploit Issue Tracking Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSFFCKXUQ5PAC5UVXY7N6HEHVQ3AC2RG/ |
Configurations
History
07 Nov 2023, 04:14
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
26 Jun 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 May 2023, 21:56
Type | Values Removed | Values Added |
---|---|---|
First Time |
Webassembly
Webassembly webassembly Binary Toolkit |
|
References | (MISC) https://github.com/WebAssembly/wabt/issues/2165 - Exploit, Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:webassembly:webassembly_binary_toolkit:1.0.32:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-116 |
Information
Published : 2023-05-23 12:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-31669
Mitre link : CVE-2023-31669
CVE.ORG link : CVE-2023-31669
JSON object : View
Products Affected
webassembly
- webassembly_binary_toolkit
CWE
CWE-116
Improper Encoding or Escaping of Output