Fedora 38 : cutter-re / rizin (2023-af305bed3d)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-af305bed3d advisory. rebase rizin to v0.5.1 and cutter-re to 0.2.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

GLSA-202209-06 : Rizin: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-06 Rizin: Multiple Vulnerabilities - Rizin v0.4.0 and below was discovered to contain an integer overflow via the function getlongobject. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted...

Double free

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rzbinrelocstoragefree when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this...

CVE-2022-36043 Rizin Double Free in bobj.c when using qnx binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rzbinrelocstoragefree when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this...