Radare2 Security Vulnerabilities and Issues — Radare2 CVE List

A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS.

7.5CVSS7.3AI score0.00277EPSS

CVE•added 2022/02/01 11:15 a.m.•84 views

CVE-2022-0419

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.

5.9CVSS5.7AI score0.00342EPSS

CVE•added 2022/02/08 9:15 p.m.•83 views

CVE-2022-0518

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.

7.1CVSS6.5AI score0.00254EPSS

CVE•added 2022/02/08 9:15 p.m.•82 views

CVE-2022-0523

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.

8.8CVSS7.7AI score0.0024EPSS

CVE•added 2022/02/08 9:15 p.m.•80 views

CVE-2022-0519

Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.

7.1CVSS6.5AI score0.00371EPSS

CVE•added 2022/02/08 9:15 p.m.•80 views

CVE-2022-0521

Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.

7.1CVSS6.5AI score0.00371EPSS

CVE•added 2022/02/08 7:15 p.m.•77 views

CVE-2022-0139

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.

9.8CVSS8.2AI score0.00398EPSS

CVE•added 2022/02/08 9:15 p.m.•76 views

CVE-2022-0522

Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.

7.1CVSS6.4AI score0.00355EPSS

CVE•added 2022/02/08 9:15 p.m.•72 views

CVE-2022-0520

Use After Free in NPM radare2.js prior to 5.6.2.

8.8CVSS7.6AI score0.00342EPSS