Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:conan/lief@0.12.1
purl pkg:conan/lief@0.12.1
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-7ks5-ajmj-uqaw
Aliases:
CVE-2022-38496
PYSEC-2022-43137
LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp. There are no reported fixed by versions.
VCID-bgtn-xx89-1fdk
Aliases:
CVE-2022-43171
GHSA-jvp9-phwp-p738
PYSEC-2022-43140
A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted MachO file.
0.12.2
Affected by 0 other vulnerabilities.
VCID-h8w4-72af-q3fp
Aliases:
CVE-2022-40923
GHSA-rm2x-hgr8-w343
PYSEC-2022-43139
A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file. There are no reported fixed by versions.
VCID-h9u8-1y87-nqde
Aliases:
CVE-2022-38497
GHSA-2p5h-hpj4-fxgg
PYSEC-2022-277
LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69.
0.12.2
Affected by 0 other vulnerabilities.
VCID-yyzu-cawb-aqh4
Aliases:
CVE-2022-40922
GHSA-38hf-c37x-32hv
PYSEC-2022-43138
A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file. There are no reported fixed by versions.
VCID-z6tk-ymuh-8be3
Aliases:
CVE-2022-38495
GHSA-42vg-2q93-fj6j
PYSEC-2022-276
LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-05T17:13:16.044604+00:00 GitLab Importer Affected by VCID-bgtn-xx89-1fdk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lief/CVE-2022-43171.yml 38.6.0
2026-06-05T17:12:25.364415+00:00 GitLab Importer Affected by VCID-yyzu-cawb-aqh4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lief/CVE-2022-40922.yml 38.6.0
2026-06-05T17:12:23.954737+00:00 GitLab Importer Affected by VCID-h8w4-72af-q3fp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lief/CVE-2022-40923.yml 38.6.0
2026-06-05T17:11:47.078549+00:00 GitLab Importer Affected by VCID-z6tk-ymuh-8be3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lief/CVE-2022-38495.yml 38.6.0
2026-06-05T17:11:46.331929+00:00 GitLab Importer Affected by VCID-7ks5-ajmj-uqaw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lief/CVE-2022-38496.yml 38.6.0
2026-06-05T17:11:46.272317+00:00 GitLab Importer Affected by VCID-h9u8-1y87-nqde https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lief/CVE-2022-38497.yml 38.6.0