{"id":"CVE-2017-9052","details":"An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata() is due to a failure to check a pointer for being in bounds (in a few places in this function) and a failure in a check in dwarf_attr_list().","modified":"2026-03-15T22:24:51.774332Z","published":"2017-05-18T06:29:00.557Z","references":[{"type":"ADVISORY","url":"https://www.prevanders.net/dwarfbug.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98553"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9052.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2017-03-21"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}