CVE-2022-43171

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

Heap overflow

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

CVE-2022-43171

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

CVE-2022-40922

A vulnerability in the LIEF::MachO::BinaryParser::initandparse function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

CVE-2022-40922

A vulnerability in the LIEF::MachO::BinaryParser::initandparse function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

CVE-2022-40922

A vulnerability in the LIEF::MachO::BinaryParser::initandparse function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

Design/Logic Flaw

A vulnerability in the LIEF::MachO::BinaryParser::initandparse function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

CVE-2022-40922

A vulnerability in the LIEF::MachO::BinaryParser::initandparse function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

LIEF 安全漏洞

LIEF is a cross-platform library from the personal developer Romain Thomas. Used for parsing, modifying and abstracting Elf, Pe and MachO formats, a denial of service vulnerability exists in LIEF v0.12.1, which stems from a failure to properly handle incoming error messages in the initandparse...

LIEF vulnerable to denial of service through segmentation fault

A vulnerability in the LIEF::MachO::SegmentCommand::virtualaddress function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file. A patch is available at commit number 24935f654f6df700a9a062298258b9485f584502...

Design/Logic Flaw

A vulnerability in the LIEF::MachO::SegmentCommand::virtualaddress function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

GHSA-4WPP-W5R4-7V5V Server-Side Request Forgery in charm

We've discovered a vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched in https://github.com/charmbracelet/charm/commit/3c90668f955c7ce5ef721e4fc9faee7053232fd3 and is available in...

Design/Logic Flaw

A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...