Lucene search
HistoryOct 23, 2023 - 5:15 p.m.
CVE-2023-46331
cve-2023-46331
webassembly
wabt
out-of-bound memory read
datasegment
isvalidrange
segmentation fault
nvd
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in DataSegment::IsValidRange(), which lead to segmentation fault.
Affected configurations
Node
webassemblywebassembly_binary_toolkitMatch1.0.33
| CPE | Name | Operator | Version |
|---|---|---|---|
| webassembly:webassembly_binary_toolkit | webassembly webassembly binary toolkit | eq | 1.0.33 |
References
Related
cvelist
cvelist
CVE-2023-46331
2023-10-23 00:00:00
nvd
nvd
CVE-2023-46331
2023-10-23 17:15:08
ubuntucve
ubuntucve
CVE-2023-46331
2023-10-23 00:00:00
prion
prion
Design/Logic Flaw
2023-10-23 17:15:00
osv
osv
CVE-2023-46331
2023-10-23 17:15:08
debiancve
debiancve
CVE-2023-46331
2023-10-23 17:15:08
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2023-46331