[Suggested description] wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file.
[Vulnerability Type] Buffer Overflow
[Vendor of Product] https://github.com/kanaka/wac
[Affected Product Code Base] https://github.com/kanaka/wac - 385e13ca840100f70d05781f45209da82fb6c45c
[Affected Component] wace
[Attack Type] Remote
[Impact Code execution] true
[Impact Denial of Service] true
[Attack Vectors] a crafted wasm file
[Reference] kanaka/wac#17
[Discoverer] Ziyi Guo
Created
November 8, 2024 18:46
-
-
Save haruki3hhh/f686e1d517e8f5d1281b02e633129522 to your computer and use it in GitHub Desktop.
Advisory for CVE-2024-35410
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment