Safety CI > MobSF/Mobile-Security-Framework-MobSF

ftrjune

2 years, 2 months ago

ad214068

OFAC, jquery bump, tox fix

lief 0.13.2 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.2	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.2

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

ios_dyn

2 years, 2 months ago

f8d9071d

iOS Dynamic Analysis - Corellium support

lief 0.13.2 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.2	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.2

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

master

2 years, 2 months ago

b608ce46

Revert Hotfix

lief 0.13.2 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.2	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.2

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

master

2 years, 2 months ago

89efdeeb

HOTFIX: update lief

lief 0.13.2 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.2	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.2

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-19

2 years, 2 months ago

976f28d1

Update frida from 15.2.2 to 16.0.19

lief 0.13.2 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.2	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.2

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

master

2 years, 3 months ago

c7578b87

Update requirements.txt 0.13.1 not available.

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

master

2 years, 3 months ago

d2f0603d

Scheduled weekly dependency update for week 24 (#2187) * Update ip2location from 8.9.0 to 8.10.0

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-12

2 years, 3 months ago

dc583c0e

Update requirements.txt

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-12

2 years, 3 months ago

0daa3bcd

Update quark-engine from 22.10.1 to 23.5.1

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-12

2 years, 3 months ago

0ea8ce0e

Update ip2location from 8.9.0 to 8.10.0

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-12

2 years, 3 months ago

03187f39

Update tldextract from 3.4.0 to 3.4.4

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-12

2 years, 3 months ago

e593b85f

Update frida from 15.2.2 to 16.0.19

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-05

2 years, 3 months ago

65f07c42

Update quark-engine from 22.10.1 to 23.5.1

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-05

2 years, 3 months ago

06a0ea6f

Update ip2location from 8.9.0 to 8.10.0

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

pyup-scheduled-update-2023-06-05

2 years, 3 months ago

c219ba3c

Update tldextract from 3.4.0 to 3.4.4

lief 0.13.1 has known security vulnerabilities.

Package	Installed	Affected	Info
lief	0.13.1	<0.15.0	show Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.

Package

Installed

Affected

Info

lief

0.13.1

<0.15.0

show

Affected versions of the lief package are vulnerable to Information Disclosure due to the use of an uninitialized variable in the machd_reader.c component’s name parameter. The machd_reader.c component accepts the name parameter without proper initialization, allowing leakage of potentially sensitive memory contents. A local attacker can exploit this by invoking the machd_reader functionality with a crafted name parameter, causing the LIEF package to disclose unintended information from process memory.