CVE Catalog

CVE-2024-31636

LowCVSS 3.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile — higher than 18% of all known CVEs

Summary

An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the 'name' parameter of the machd_reader.c component.

Risk Assessment

The organization is at risk of sensitive data leakage, which could be used for further attacks or privilege escalation within the system.

Recommendation

Immediately update the LIEF library to the latest available version that includes a fix for this vulnerability.

Original NVD description (English source)

An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS