CVE-2022-1383

medium

Description

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.

References

https://huntr.dev/bounties/02b4b563-b946-4343-9092-38d1c5cd60c9

https://github.com/radareorg/radare2/commit/1dd65336f0f0c351d6ea853efcf73cf9c0030862

Details

Source: Mitre, NVD

Published: 2022-04-18

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00058