cvedb.io
CVE-2022-21711
HIGH · CVSS 7.1
EPSS exploitation probability: 0%
Published 2022-01-24T20:15:08.657 · Last modified 2026-06-17T04:26:48.983

Summary

elfspirit is an ELF static analysis and injection framework that parses, manipulates, and camouflages ELF files. When analyzing the ELF file format in versions prior to 1.1, there is an out-of-bounds read bug, which can lead to application crashes or information leakage. By constructing a special format ELF file, the information of any address can be leaked. elfspirit version 1.1 contains a patch for this issue.

Affected products

elfspirit_project — elfspirit

Does this affect you?

Add your gear to cvedb and we'll alert you only when elfspirit_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.