← Zuruck zu CVEs
CVE-2022-1452
HIGH7.1
Beschreibung
Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).
CVE Details
CVSS v3.1 Bewertung7.1
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht4/24/2022
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
radare:radare2
Schwachen (CWE)
CWE-125CWE-125
Referenzen
https://github.com/radareorg/radare2/commit/ecc44b6a2f18ee70ac133365de0e509d26d5e168(security@huntr.dev)
https://huntr.dev/bounties/c8f4c2de-7d96-4ad4-857a-c099effca2d6(security@huntr.dev)
https://github.com/radareorg/radare2/commit/ecc44b6a2f18ee70ac133365de0e509d26d5e168(af854a3a-2127-422b-91ae-364da2661108)
https://huntr.dev/bounties/c8f4c2de-7d96-4ad4-857a-c099effca2d6(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.