VDB

CVE-2022-1451

CVE-2022-1451 PUBLISHED CVSS 7.099999904632568 HIGH

Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).

EPSS 0.28% · 51.2th percentile

Risk Scores

CVSS v3.0
7.099999904632568
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
EPSS Score
0.28%
51.2th percentile

Affected Products

VendorProductVersions
radareradare20
radareorgradareorg/radare2unspecified

Timeline

  • Apr 24, 2022 CVE Published
  • Apr 25, 2022 EPSS Score
  • Jun 14, 2022 EPSS Score
  • Aug 4, 2022 EPSS Score
  • Sep 22, 2022 EPSS Score
  • Nov 11, 2022 EPSS Score
  • Dec 31, 2022 EPSS Score
  • Feb 19, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 9, 2023 EPSS Score
  • May 29, 2023 EPSS Score
  • Jul 18, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›