Skip to main content

Lief CVE-2024-31636

LOW
Use of Uninitialized Variable (CWE-457)
2024-05-03 cve@mitre.org
3.9
CVSS 3.1 · Vendor: mitre

Severity by source

Vendor (mitre) PRIMARY
3.9 LOW
AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
May 03, 2024 - 17:15 cve.org
LOW 3.9

DescriptionCVE.org

An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component.

AnalysisAI

An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-457. An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component. Affected products include: Lief-Project Lief.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Lief

View all
CVE-2021-32297 HIGH POC
8.8 Sep 20

An issue was discovered in LIEF through 0.11.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitab

CVE-2022-38495 HIGH POC
7.8 Sep 13

LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c.

CVE-2022-38306 HIGH POC
7.8 Sep 13

LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc. Rated high

CVE-2022-43171 MEDIUM POC
6.5 Nov 17

A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows att

CVE-2022-40922 MEDIUM POC
6.5 Oct 03

A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows attackers to cause a de

CVE-2022-40923 MEDIUM POC
6.5 Sep 30

A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a

CVE-2022-38497 MEDIUM POC
5.5 Sep 13

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. Rated medium s

CVE-2022-38496 MEDIUM POC
5.5 Sep 13

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp. Rated medi

CVE-2022-38307 MEDIUM POC
5.5 Sep 13

LIEF commit 5d1d643 was discovered to contain a segmentation violation via the function LIEF::MachO::SegmentCommand::fil

CVE-2025-15504 LOW POC
1.9 Jan 10

A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::pa

Share

CVE-2024-31636 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy