GHSA-52xx-r3g2-p8jm

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-52xx-r3g2-p8jm/GHSA-52xx-r3g2-p8jm.json

Aliases

CVE-2022-38306 ( PYSEC-2022-274 )

Published

2022-09-14T00:00:42Z

Modified

2023-03-16T05:23:19.161303Z

Details

LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc. Commit 53bf680ef494a835e2c4a5de328ca85416a03a5a contains a patch.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-38306
https://github.com/lief-project/LIEF/issues/763
https://github.com/lief-project/LIEF/commit/53bf680ef494a835e2c4a5de328ca85416a03a5a
https://github.com/lief-project/LIEF
https://github.com/pypa/advisory-database/tree/main/vulns/lief/PYSEC-2022-274.yaml

Affected packages

PyPI / lief

lief

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Affected versions

0.*

0.10.0

0.10.1

0.11.0

0.11.1

0.11.2

0.11.3

0.11.4

0.11.5

0.12.0

0.12.1

0.12.2

0.12.3

0.8.0

0.8.1

0.8.2

0.8.3

0.9.0

Database specific

{
    "last_known_affected_version_range": "<= 0.12.1"
}