The wasmdis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted WASM file that triggers an incorrect rhex_bin2str call.
{
"source": "CPE_FIELD",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "2.0.0"
}
],
"cpe": "cpe:2.3:a:radare:radare2:2.0.0:*:*:*:*:*:*:*"
}