Lucene search

@huntrdevCVELIST:CVE-2023-5686

HistoryOct 20, 2023 - 4:22 p.m.

CVE-2023-5686 Heap-based Buffer Overflow in radareorg/radare2

2023-10-2016:22:42

CWE-122

@huntrdev

www.cve.org

cve-2023

heap-based buffer overflow

radareorg/radare2

github repository

5.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

9.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.0%

JSON

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CNA Affected

[
  {
    "vendor": "radareorg",
    "product": "radareorg/radare2",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "5.9.0",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/radareorg/radare2/commit/1bdda93e348c160c84e30da3637acef26d0348de

huntr.com/bounties/bbfe1f76-8fa1-4a8c-909d-65b16e970be0

lists.fedoraproject.org/archives/list/[email protected]/message/64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN/

lists.fedoraproject.org/archives/list/[email protected]/message/SOZ6XCADVAPAIHMVSV3FUAN742BHXF55/

5.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

9.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.0%

JSON

Related for CVELIST:CVE-2023-5686