Impact
Quill, a macOS binary signing utility developed by anchore, contains an unbounded memory allocation flaw (CWE-770) in its Mach‑O parser in versions before 0.7.1. Quill reads size and count fields (such as DataSize, DataOffset, Size, Count, and Length) from the LC_CODE_SIGNATURE load command and the embedded signing structures without validating them against the actual file size. An attacker can craft a minimal (~4 KB) Mach‑O file with exaggerated values in these fields, causing Quill to attempt to allocate excessive amounts of memory. The result is memory exhaustion that halts the Quill process, denying service to any signing workflow that relies on the tool.
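As an added example (not Quill's own code), the following Go helper shows the check that closes this class of bug: the dataoff/datasize fields of an LC_CODE_SIGNATURE load command are validated against the real file length, in 64-bit arithmetic, before any buffer is allocated. The function names and the constructed sample file are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// LC_CODE_SIGNATURE is a linkedit_data_command: cmd, cmdsize, dataoff, datasize.
const (
	lcCodeSignature     = 0x1d
	linkeditDataCmdSize = 16 // four little-endian uint32 fields
)

// codeSignatureRange reads the dataoff/datasize of the LC_CODE_SIGNATURE command
// at cmdOff and rejects any range that does not lie entirely inside file. The
// sum is computed in uint64 so exaggerated 32-bit values cannot wrap the check.
func codeSignatureRange(file []byte, cmdOff int) (off, size uint32, err error) {
	if cmdOff < 0 || cmdOff+linkeditDataCmdSize > len(file) {
		return 0, 0, fmt.Errorf("load command at %d runs past end of file", cmdOff)
	}
	if binary.LittleEndian.Uint32(file[cmdOff:]) != lcCodeSignature {
		return 0, 0, fmt.Errorf("command at %d is not LC_CODE_SIGNATURE", cmdOff)
	}
	off = binary.LittleEndian.Uint32(file[cmdOff+8:])
	size = binary.LittleEndian.Uint32(file[cmdOff+12:])
	if uint64(off)+uint64(size) > uint64(len(file)) {
		return 0, 0, fmt.Errorf("signature range off=%d size=%d exceeds file size %d", off, size, len(file))
	}
	return off, size, nil
}

// loadCodeSignature copies the signature blob out of file, allocating only
// after the declared range has been validated against the real file length.
func loadCodeSignature(file []byte, cmdOff int) ([]byte, error) {
	off, size, err := codeSignatureRange(file, cmdOff)
	if err != nil {
		return nil, err
	}
	return append([]byte(nil), file[off:off+size]...), nil
}

// buildFile constructs an n-byte sample with an LC_CODE_SIGNATURE command at offset 0 (constructed test data).
func buildFile(n int, dataoff, datasize uint32) []byte {
	b := make([]byte, n)
	binary.LittleEndian.PutUint32(b[0:], lcCodeSignature)
	binary.LittleEndian.PutUint32(b[4:], linkeditDataCmdSize)
	binary.LittleEndian.PutUint32(b[8:], dataoff)
	binary.LittleEndian.PutUint32(b[12:], datasize)
	return b
}
```

A 4 KB sample whose datasize claims close to 4 GB is rejected by the bounds check with no allocation attempted, which is the behaviour the parser needs to survive the input described above.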
Affected Systems
The affected product is Quill from anchore. All releases prior to v0.7.1, including both the command‑line interface and the Go library, are vulnerable. Any environment that allows Quill to parse externally supplied Mach‑O binaries (such as CI/CD pipelines, shared signing services, or other automated build workflows) is at risk.
Risk and Exploitability
The CVSS base score of 5.5 indicates medium severity. The EPSS score is below 1%, suggesting a low probability of widespread exploitation, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires that the attacker supply a specially crafted Mach‑O file to a vulnerable instance of Quill, which is feasible in contexts where binaries are uploaded for signing. The effect is restricted to denial of service through memory exhaustion; there is no evidence of arbitrary code execution or privilege escalation.
OpenCVE Enrichment