VDB
CVE-2021-44975
CVE-2021-44975
PUBLISHED
CVSS 5.5 MEDIUM
radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser.
EPSS 0.32% · 55.0th percentile
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
0.32%
55.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| radare | radare2 | 5.5.2 |
Timeline
- May 24, 2022 CVE Published
- May 25, 2022 EPSS Score
- Jul 13, 2022 EPSS Score
- Aug 31, 2022 EPSS Score
- Oct 19, 2022 EPSS Score
- Dec 7, 2022 EPSS Score
- Jan 25, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 14, 2023 EPSS Score
- May 2, 2023 EPSS Score
- Jun 20, 2023 EPSS Score
- Aug 8, 2023 EPSS Score
References
- https://github.com/radareorg/radare2/issues/19476 url
- https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/ url
- [oss-security] 20220525 multiple vulnerabilities in radare2 mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2021-44975 advisory
- https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2 url