VDB
CVE-2022-0419
CVE-2022-0419
PUBLISHED
CVSS 5.900000095367432 MEDIUM
NULL Pointer Dereference in NPM radare2.js prior to 6.0.0.
EPSS 0.25% · 48.2th percentile
Risk Scores
CVSS v3.0
5.900000095367432
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.25%
48.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| radareorg | radareorg/radare2 | unspecified |
| radare | radare2 | 0 |
| fedoraproject | fedora | 34, 35 |
Timeline
- Feb 1, 2022 CVE Published
- Feb 8, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 24, 2022 EPSS Score
- May 26, 2022 CVE Updated
- Jul 16, 2022 EPSS Score
- Sep 7, 2022 EPSS Score
- Oct 29, 2022 EPSS Score
- Dec 20, 2022 EPSS Score
- Feb 11, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 4, 2023 EPSS Score
References
- https://huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa url
- https://github.com/radareorg/radare2/commit/feaa4e7f7399c51ee6f52deb84dc3f795b4035d6 url
- FEDORA-2022-ba3248e596 vendor-advisory
- FEDORA-2022-3fc85cd09c vendor-advisory
- https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/ url
- [oss-security] 20220525 multiple vulnerabilities in radare2 mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2022-0419 advisory
- https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU url