Debian Binaryen vulnerabilities

24 known vulnerabilities affecting debian/binaryen.

Total CVEs

24

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM12LOW12

Vulnerabilities

Page 1 of 2

CVE-2025-14957LOWCVSS 4.82025

CVE-2025-14957 [MEDIUM] CVE-2025-14957: binaryen - A vulnerability was identified in WebAssembly Binaryen up to 125. This affects t... A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBuilder::makeLocalSet/IRBuilder::makeLocalTee of the file src/wasm/wasm-ir-builder.cpp of the component IRBuilder. Such manipulation of the argument Index leads to null pointer dereference. Local access is required to approach this attack. The exp

CVE-2025-14956LOWCVSS 4.82025

CVE-2025-14956 [MEDIUM] CVE-2025-14956: binaryen - A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by th... A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Patch name: 4f52bff8c407

CVE-2021-46052LOWCVSS 5.52021

CVE-2021-46052 [MEDIUM] CVE-2021-46052: binaryen - A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abo... A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-45293LOWCVSS 5.5fixed in binaryen 104-1 (bookworm)2021

CVE-2021-45293 [MEDIUM] CVE-2021-45293: binaryen - A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memor... A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet. Scope: local bookworm: resolved (fixed in 104-1) bullseye: open forky: resolved (fixed in 104-1) sid: resolved (fixed in 104-1) trixie: resolved (fixed in 104-1)

CVE-2021-46055LOWCVSS 5.52021

CVE-2021-46055 [MEDIUM] CVE-2021-46055: binaryen - A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abo... A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-46050LOWCVSS 5.52021

CVE-2021-46050 [MEDIUM] CVE-2021-46050: binaryen - A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common func... A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-45290LOWCVSS 7.5fixed in binaryen 104-1 (bookworm)2021

CVE-2021-45290 [HIGH] CVE-2021-45290: binaryen - A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abor... A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable. Scope: local bookworm: resolved (fixed in 104-1) bullseye: open forky: resolved (fixed in 104-1) sid: resolved (fixed in 104-1) trixie: resolved (fixed in 104-1)

CVE-2021-46054LOWCVSS 5.52021

CVE-2021-46054 [MEDIUM] CVE-2021-46054: binaryen - A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abo... A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*). Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-46048LOWCVSS 5.52021

CVE-2021-46048 [MEDIUM] CVE-2021-46048: binaryen - A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abo... A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-46053LOWCVSS 5.52021

CVE-2021-46053 [MEDIUM] CVE-2021-46053: binaryen - A Denial of Service vulnerability exists in Binaryen 103. The program terminates... A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2020-18378MEDIUMCVSS 6.5fixed in binaryen 68-1 (bookworm)2020

CVE-2020-18378 [MEDIUM] CVE-2020-18378: binaryen - A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock i... A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as. Scope: local bookworm: resolved (fixed in 68-1) bullseye: resolved (fixed in 68-1) forky: resolved (fixed in 68-1) sid: resolved (

CVE-2020-18382MEDIUMCVSS 6.5fixed in binaryen 68-1 (bookworm)2020

CVE-2020-18382 [MEDIUM] CVE-2020-18382: binaryen - Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::vi... Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt. Scope: local bookworm: resolved (fixed in 68-1) bullseye: resolved (fixed in 68-1) forky: resolved (fixed in 68-1) sid: resolved

CVE-2019-7152MEDIUMCVSS 6.5fixed in binaryen 66-1 (bookworm)2019

CVE-2019-7152 [MEDIUM] CVE-2019-7152: binaryen - A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::process... A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt. Scope: local bookworm: resolved (fixed in 66-1) bullseye: resol

CVE-2019-7704MEDIUMCVSS 6.5fixed in binaryen 64-1 (bookworm)2019

CVE-2019-7704 [MEDIUM] CVE-2019-7704: binaryen - wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 ... wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt. Scope: local bookworm: resolved (fixed in 64-1) bullseye: resolved (fixed in 64-1) forky: resolved (fixed in 64-1) sid: resolved (fixed in 64-1) trixie: resolved (fixed in 64-1)

CVE-2019-7703MEDIUMCVSS 6.5fixed in binaryen 64-1 (bookworm)2019

CVE-2019-7703 [MEDIUM] CVE-2019-7703: binaryen - In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilde... In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a wasm file, as demonstrated by wasm-merge. Scope: local bookworm: resolved (fixed in 64-1) bullseye: resolved (fixed in 64-1) forky: resolved (fixed in 64-1) sid: resolv

CVE-2019-7702MEDIUMCVSS 6.5fixed in binaryen 64-1 (bookworm)2019

CVE-2019-7702 [MEDIUM] CVE-2019-7702: binaryen - A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parse... A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as. Scope: local bookworm: resolved (fixed in 64-1) bullseye: resolved (fixed in 64-1) forky: resolved (fixed in 64-1) sid: res

CVE-2019-7151MEDIUMCVSS 6.5fixed in binaryen 66-1 (bookworm)2019

CVE-2019-7151 [MEDIUM] CVE-2019-7151: binaryen - A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in ... A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt. Scope: local bookworm: resolved (fixed in 66-1) bullseye: resolved (fixed in 66-1) forky: resolved (fixed in 66-1) sid: resolved (fixed in 66-1) t

CVE-2019-7662MEDIUMCVSS 6.5fixed in binaryen 66-1 (bookworm)2019

CVE-2019-7662 [MEDIUM] CVE-2019-7662: binaryen - An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in was... An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in Binaryen 1.38.22. This allows remote attackers to cause a denial of service (failed assertion and crash) via a crafted wasm file. Scope: local bookworm: resolved (fixed in 66-1) bullseye: resolved (fixed in 66-1) forky: resolved (fixed in 66-1) sid: resolved (fixed in 66

CVE-2019-7153MEDIUMCVSS 6.5fixed in binaryen 66-1 (bookworm)2019

CVE-2019-7153 [MEDIUM] CVE-2019-7153: binaryen - A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFun... A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt. Scope: local bookworm: resolved (fixed in 66-1) bullseye: resolved

CVE-2019-7700MEDIUMCVSS 6.5fixed in binaryen 64-1 (bookworm)2019

CVE-2019-7700 [MEDIUM] CVE-2019-7700: binaryen - A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::visitCa... A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-merge. Scope: local bookworm: resolved (fixed in 64-1) bullseye: resolved (fixed in 64-1) forky: resolved (fixed in 64-1) sid: resolved (