U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:radare:radare2:5.2.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 50 matching records.
Displaying matches 41 through 50.
Vuln ID Summary CVSS Severity
CVE-2022-0523

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.

Published: February 08, 2022; 4:15:20 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2022-0522

Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.

Published: February 08, 2022; 4:15:20 PM -0500 		V4.0:(not available)
 V3.1: 7.1 HIGH
V2.0: 5.8 MEDIUM
CVE-2022-0521

Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.

Published: February 08, 2022; 4:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.1 HIGH
V2.0: 5.8 MEDIUM
CVE-2022-0520

Use After Free in NPM radare2.js prior to 5.6.2.

Published: February 08, 2022; 4:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2022-0519

Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.

Published: February 08, 2022; 4:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.1 HIGH
V2.0: 5.8 MEDIUM
CVE-2022-0518

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.

Published: February 08, 2022; 4:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.1 HIGH
V2.0: 5.8 MEDIUM
CVE-2022-0139

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.

Published: February 08, 2022; 2:15:08 PM -0500 		V4.0:(not available)
 V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2022-0419

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.

Published: February 01, 2022; 6:15:11 AM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2022-0173

radare2 is vulnerable to Out-of-bounds Read

Published: January 11, 2022; 12:15:08 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-32613

In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.

Published: May 14, 2021; 9:15:07 AM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM