GCVE - cpe:2.3:a:gnu:binutils:2.35.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:gnu:binutils:2.35.1:*:*:*:*:*:*:*

part: a version: 2.35.1 update: *

Vendor	Gnu (`575dd98a-a14a-5d9e-a2eb-97d38d86fcb9`)
Product	Binutils (`bdfd61c2-da72-5ce9-819e-45ee45378259`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/binutils`	purl2cpe	2026-06-01 10:11:54.199116
`pkg:deb/ubuntu/binutils`	purl2cpe	2026-06-01 10:11:54.199117
`pkg:github/bminor/binutils-gdb`	purl2cpe	2026-06-01 10:11:54.199119
`pkg:redox-os/redox-os/binutils-gdb`	purl2cpe	2026-06-01 10:11:54.199120
`pkg:rpm/fedora/binutils`	purl2cpe	2026-06-01 10:11:54.199121
`pkg:rpm/opensuse/binutils`	purl2cpe	2026-06-01 10:11:54.199123
`pkg:sourceware/binutils-gdb`	purl2cpe	2026-06-01 10:11:54.199124

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-20284`	vulnerable	2026-06-03 14:43:41.501441	Details available A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. Published: 2021-03-26T16:39:03.000Z Updated: 2024-08-03T17:37:23.579Z Open on db.gcve.eu Reference links https://sourceware.org/bugzilla/show_bug.cgi?id=26931 https://bugzilla.redhat.com/show_bug.cgi?id=1937784 https://security.netapp.com/advisory/ntap-20210521-0010/ https://security.gentoo.org/glsa/202208-30	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-35448`	vulnerable	2026-06-03 14:42:31.816438	Details available An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c. Published: 2020-12-27T03:38:54.000Z Updated: 2024-08-04T17:02:08.053Z Open on db.gcve.eu Reference links https://sourceware.org/bugzilla/show_bug.cgi?id=26574 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=8642dafaef21aa6747cec01df1977e9c52eb4679 https://security.netapp.com/advisory/ntap-20210129-0008/ https://security.gentoo.org/glsa/202107-24	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.