CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27545
https://notcve.org/view.php?id=CVE-2020-27545
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf https://bugzilla.redhat.com/show_bug.cgi?id=2025694 https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea https://sourceforge.net/projects/libdwarf https://www.prevanders.net/dwarfbug.html#DW202010-001 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-28163
https://notcve.org/view.php?id=CVE-2020-28163
libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname. • http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf https://bugzilla.redhat.com/show_bug.cgi?id=2026000 https://github.com/davea42/libdwarf-code/commit/faf99408e3f9f706fc3809dd400e831f989778d3 https://www.prevanders.net/dwarfbug.html#DW202010-003 • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34299
https://notcve.org/view.php?id=CVE-2022-34299
There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b. Se presenta una lectura excesiva del búfer en la región heap de la memoria en libdwarf versión 0.4.0. Este problema está relacionado con dwarf_global_formref_b • https://github.com/davea42/libdwarf-code/commit/7ef09e1fc9ba07653dd078edb2408631c7969162 https://github.com/davea42/libdwarf-code/issues/119 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32200
https://notcve.org/view.php?id=CVE-2022-32200
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c. libdwarf versión 0.4.0, presenta una lectura excesiva del búfer en la región heap de la memoria en la función _dwarf_check_string_valid en el archivo dwarf_util.c • https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069 https://github.com/davea42/libdwarf-code/issues/116 https://www.prevanders.net/dwarfbug.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14249
https://notcve.org/view.php?id=CVE-2019-14249
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump. En el archivo dwarf_elf_load_headers.c en libdwarf antes del 05-07-2019 permite a los atacantes causar una denegación de servicio (división por cero) por medio de un archivo ELF con un grupo de sección de tamaño cero (SHT_GROUP), como es demostrado por dwarfdump. • http://www.securityfocus.com/bid/109380 https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599 https://sourceforge.net/p/libdwarf/code/merge-requests/4 • CWE-369: Divide By Zero •