CVE-2022-1451
7.1
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Summary
Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see CWE-125: Out-of-bounds read.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| radareorg | radareorg/radare2 | unspecified < 5.7.0 | affected |
Weaknesses
- CWE-788: CWE-788 Access of Memory Location After End of Buffer
ADP Enrichment
CVE Program Container
Additional References
- https://huntr.dev/bounties/229a2e0d-9e5c-402f-9a24-57fa2eb1aaa7
- https://github.com/radareorg/radare2/commit/0927ed3ae99444e7b47b84e43118deb10fe37529
References
- https://huntr.dev/bounties/229a2e0d-9e5c-402f-9a24-57fa2eb1aaa7
- https://github.com/radareorg/radare2/commit/0927ed3ae99444e7b47b84e43118deb10fe37529
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.