Lief-Project: >> Lief >> 0.12.1 Security Vulnerabilities
A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parse_binary of the file src/ELF/Parser.tcc of the component ELF Binary Parser. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.17.2 can resolve this issue. The patch is identified as 81bd5d7ea0c390563f1c4c017c9019d154802978. It is recommended to upgrade the affected component.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-01-10
A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted MachO file.
CVSS Score
6.5
EPSS Score
0.005
Published
2022-11-17
A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-03
A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-09-30
LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-13
LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-13
LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-13