Every CVE whose affected-product data names Lief-project Lief, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2021-32297 — CVSS 8.8 (high): An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow exists in the function main located in pe_reader.c. It allows an…
CVE-2022-38495 — CVSS 7.8 (high): LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c.
CVE-2022-38306 — CVSS 7.8 (high): LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc.
CVE-2022-40922 — CVSS 6.5 (medium): A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows attackers to cause a denial of service…
CVE-2022-40923 — CVSS 6.5 (medium): A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a denial of service…
CVE-2022-43171 — CVSS 6.5 (medium): A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows attackers to cause a…
CVE-2022-38497 — CVSS 5.5 (medium): LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69.
CVE-2022-38307 — CVSS 5.5 (medium): LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::file_offset() at…
CVE-2022-38496 — CVSS 5.5 (medium): LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp.
CVE-2024-31636 — CVSS 3.9 (low): An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component.
CVE-2025-15504 — CVSS 3.3 (low): A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parse_binary of the…