GHSA-2p5h-hpj4-fxgg

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-2p5h-hpj4-fxgg/GHSA-2p5h-hpj4-fxgg.json

Aliases

CVE-2022-38497 ( PYSEC-2022-277 )

Published

2022-09-14T00:00:42Z

Modified

2023-03-16T05:22:58.759720Z

Details

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. A patch is available at commit ca938740264f1fcb18f91cba8e4039c518ecb75b.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-38497
https://github.com/lief-project/LIEF/issues/766
https://github.com/lief-project/LIEF/commit/ca938740264f1fcb18f91cba8e4039c518ecb75b
https://github.com/lief-project/LIEF
https://github.com/pypa/advisory-database/tree/main/vulns/lief/PYSEC-2022-277.yaml

Affected packages

PyPI / lief

lief

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Affected versions

0.*

0.10.0

0.10.1

0.11.0

0.11.1

0.11.2

0.11.3

0.11.4

0.11.5

0.12.0

0.12.1

0.12.2

0.12.3

0.8.0

0.8.1

0.8.2

0.8.3

0.9.0

Database specific

{
    "last_known_affected_version_range": "<= 0.12.1"
}