VYPR

libbfd

by GNU

CVEs (44)

  • CVE-2017-14130MedSep 4, 2017
    risk 0.36cvss 5.5epss 0.02

    The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via…

  • CVE-2017-13757MedAug 29, 2017
    risk 0.36cvss 5.5epss 0.01

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to…

  • CVE-2017-9955MedJun 26, 2017
    risk 0.36cvss 5.5epss 0.01

    The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain…

  • CVE-2020-35448LowDec 27, 2020
    risk 0.22cvss 3.3epss 0.01

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in…

Page 3 of 3