CVE-2022-1207 — Vulnetix

CVE-2022-1207 PUBLISHED CVSS 6.599999904632568 MEDIUM

Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.

EPSS 0.11% · 28.2th percentile

Risk Scores

CVSS v3.0

6.599999904632568

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

EPSS Score

0.11%

28.2th percentile

Affected Products

Vendor	Product	Versions
radareorg	radareorg/radare2	unspecified
radare	radare2	0

Timeline

Apr 1, 2022 CVE Published
Apr 1, 2022 PoC Published
Apr 2, 2022 EPSS Score
May 23, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 2, 2022 EPSS Score
Oct 22, 2022 EPSS Score
Dec 12, 2022 EPSS Score
Jan 31, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 23, 2023 EPSS Score
May 12, 2023 EPSS Score

References

https://huntr.dev/bounties/7b979e76-ae54-4132-b455-0833e45195eb url
https://github.com/radareorg/radare2/commit/605785b65dd356d46d4487faa41dbf90943b8bc1 url
https://nvd.nist.gov/vuln/detail/CVE-2022-1207 advisory

Open in Interactive Console →