Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Radare2
(Radare)| Repositories |
• https://github.com/radare/radare2
• https://github.com/devnexen/radare2 |
| #Vulnerabilities | 132 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-08-03 | CVE-2020-16269 | radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section. | Fedora, Radare2 | 5.5 | ||
| 2020-08-11 | CVE-2020-17487 | radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY. | Fedora, Radare2 | 7.5 | ||
| 2021-05-14 | CVE-2021-32613 | In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. | Fedora, Radare2 | 5.5 | ||
| 2021-08-02 | CVE-2021-3673 | A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS. | Fedora, Radare2 | 7.5 | ||
| 2022-01-11 | CVE-2022-0173 | radare2 is vulnerable to Out-of-bounds Read | Fedora, Radare2 | 5.5 | ||
| 2022-02-01 | CVE-2022-0419 | NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0. | Fedora, Radare2 | 5.5 | ||
| 2022-02-08 | CVE-2022-0518 | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2. | Fedora, Radare2 | 7.1 | ||
| 2022-02-08 | CVE-2022-0519 | Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2. | Fedora, Radare2 | 7.1 | ||
| 2022-02-08 | CVE-2022-0520 | Use After Free in NPM radare2.js prior to 5.6.2. | Fedora, Radare2 | 7.8 | ||
| 2022-02-08 | CVE-2022-0521 | Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2. | Fedora, Radare2 | 7.1 |