Ccwang19

**Name of the Vulnerable Software and Affected Versions** LIEF version 5d1d643 **Description** A segmentation violation was discovered in LIEF via the function `LIEF::MachO::SegmentCommand::file offset()` at `/MachO/SegmentCommand.cpp`. **Recommendations** For LIEF version 5d1d643, update to a version that includes the patch from commit 7acf0bc4224081d4f425fcc8b2e361b95291d878 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LIEF version 365a16a **Description** A reachable assertion abort was discovered in the BinaryStream.hpp component. **Recommendations** For LIEF version 365a16a, consider disabling the use of the BinaryStream.hpp component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** LIEF version 365a16a **Description** A segmentation violation was discovered in LIEF via the component `CoreFile.tcc:69`. **Recommendations** For LIEF version 365a16a, apply the patch available at commit ca938740264f1fcb18f91cba8e4039c518ecb75b.

**Name of the Vulnerable Software and Affected Versions** LIEF versions prior to 53bf680ef494a835e2c4a5de328ca85416a03a5a **Description** A heap-buffer overflow was discovered in the component /core/CorePrPsInfo.tcc. The issue affects LIEF and is related to a heap-buffer overflow, which can be exploited. **Recommendations** For versions prior to 53bf680ef494a835e2c4a5de328ca85416a03a5a, update to a version that includes the patch commit 53bf680ef494a835e2c4a5de328ca85416a03a5a to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LIEF version 365a16a **Description** A heap-buffer overflow issue was discovered via the function `print binary` at `/c/macho reader.c`. This issue affects LIEF and can be exploited. **Recommendations** For LIEF version 365a16a, update to a version that includes the patch from commit 0033b6312fd311b2e45e379c04a83d77c1e58578 to resolve the issue. As a temporary workaround, consider disabling the `print binary` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** JerryScript version 2.4.0 **Description** The issue is related to a stack-overflow error located at ecma-helpers.c:326 in the `ecma get lex env type` function. **Recommendations** For JerryScript version 2.4.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** JerryScript version 2.4.0 **Description** The issue is related to a heap-use-after-free error at ecma-helpers-string.c:1940 in the ecma compare ecma non direct strings function. **Recommendations** For JerryScript version 2.4.0, at the moment, there is no information about a newer version that contains a fix for this issue.