CVE-2022-1207 Information

Description

Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

Reference

https://github.com/radareorg/radare2/commit/605785b65dd356d46d4487faa41dbf90943b8bc1 https://huntr.dev/bounties/7b979e76-ae54-4132-b455-0833e45195eb

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

LOW

Base Score

LOW

Base Severity

6.6