Known Vulnerabilities for products from Libdwarf Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Libdwarf Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-39170 json | libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c. | 8.8 - HIGH | 2022-09-02 | 2023-11-07 |
| CVE-2022-34299 json | There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b. | 8.1 - HIGH | 2022-06-23 | 2022-06-29 |
| CVE-2022-32200 json | libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c. | 7.8 - HIGH | 2022-06-02 | 2022-06-10 |
| CVE-2020-28163 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-04-16 | 2023-04-26 |
| CVE-2020-27545 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-04-16 | 2023-04-26 |
| CVE-2019-14249 json | dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via a... | 6.5 - MEDIUM | 2019-07-24 | 2019-08-05 |
| CVE-2017-9998 json | The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a deni... | 6.5 - MEDIUM | 2017-06-28 | 2022-03-01 |
| CVE-2017-9055 json | An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not c... | 9.8 - CRITICAL | 2017-05-18 | 2022-03-01 |
| CVE-2017-9054 json | An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In _dwarf_decode_s_leb128_chk() a byte pointer w... | 9.8 - CRITICAL | 2017-05-18 | 2022-03-01 |
| CVE-2017-9053 json | An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc... | 9.1 - CRITICAL | 2017-05-18 | 2022-03-01 |
| CVE-2017-9052 json | An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata... | 9.8 - CRITICAL | 2017-05-18 | 2019-10-18 |
| CVE-2016-9558 json | (1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecif... | 9.8 - CRITICAL | 2017-02-28 | 2022-03-01 |
| CVE-2016-9480 json | libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using ... | 9.1 - CRITICAL | 2016-11-29 | 2016-12-22 |
| CVE-2016-9276 json | The dwarf_get_aranges_list function in dwarf_arrange.c in Libdwarf before 20161124 allows remote attackers to cause a denial ... | 7.5 - HIGH | 2017-03-23 | 2022-03-01 |
| CVE-2016-9275 json | Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows re... | 7.5 - HIGH | 2017-03-23 | 2022-03-01 |
| CVE-2016-8681 json | The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a d... | 5.5 - MEDIUM | 2017-02-15 | 2020-06-11 |
| CVE-2016-8680 json | The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a d... | 6.5 - MEDIUM | 2017-02-15 | 2022-03-01 |
| CVE-2016-8679 json | The _dwarf_get_size_of_val function in libdwarf/dwarf_util.c in Libdwarf before 20161124 allows remote attackers to cause a d... | 6.5 - MEDIUM | 2017-02-15 | 2022-03-01 |
| CVE-2016-7511 json | Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) v... | 5.5 - MEDIUM | 2017-02-17 | 2022-03-01 |
| CVE-2016-7510 json | The read_line_table_program function in dwarf_line_table_reader_common.c in libdwarf before 20160923 allows remote attackers ... | 6.5 - MEDIUM | 2017-02-17 | 2022-03-01 |
Known software with vulnerabilities from Libdwarf Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Libdwarf Project | Libdwarf | 1999-12-14 |