GHSA-2p5h-hpj4-fxgg

Source

https://github.com/advisories/GHSA-2p5h-hpj4-fxgg

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-2p5h-hpj4-fxgg/GHSA-2p5h-hpj4-fxgg.json

Aliases

CVE-2022-38497
PYSEC-2022-277

Published

2022-09-14T00:00:42Z

Modified

2024-02-16T08:22:16.973755Z

Details

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. A patch is available at commit ca938740264f1fcb18f91cba8e4039c518ecb75b.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-38497
https://github.com/lief-project/LIEF/issues/766
https://github.com/lief-project/LIEF/commit/ca938740264f1fcb18f91cba8e4039c518ecb75b
https://github.com/lief-project/LIEF
https://github.com/pypa/advisory-database/tree/main/vulns/lief/PYSEC-2022-277.yaml

Affected packages

PyPI / lief

Package

Name: lief

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Last affected

0.12.1

Affected versions

0.*

0.8.0

0.8.1

0.8.2

0.8.3

0.9.0

0.10.0

0.10.1

0.11.0

0.11.1

0.11.2

0.11.3

0.11.4

0.11.5

0.12.0

0.12.1