CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-36043

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number a3d50c1ea185f3f642f2d8180715f82d98840784 contains a patch for this issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.1%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2022-36043

Rizin » Rizin » Version: N/A

cpe:2.3:a:rizin:rizin:-
Rizin » Rizin » Version: 0.1.0

cpe:2.3:a:rizin:rizin:0.1.0
Rizin » Rizin » Version: 0.1.1

cpe:2.3:a:rizin:rizin:0.1.1
Rizin » Rizin » Version: 0.1.2

cpe:2.3:a:rizin:rizin:0.1.2
Rizin » Rizin » Version: 0.2.0

cpe:2.3:a:rizin:rizin:0.2.0
Rizin » Rizin » Version: 0.2.1

cpe:2.3:a:rizin:rizin:0.2.1
Rizin » Rizin » Version: 0.3.0

cpe:2.3:a:rizin:rizin:0.3.0
Rizin » Rizin » Version: 0.3.1

cpe:2.3:a:rizin:rizin:0.3.1
Rizin » Rizin » Version: 0.3.2

cpe:2.3:a:rizin:rizin:0.3.2
Rizin » Rizin » Version: 0.3.3

cpe:2.3:a:rizin:rizin:0.3.3
Rizin » Rizin » Version: 0.3.4

cpe:2.3:a:rizin:rizin:0.3.4
Rizin » Rizin » Version: 0.4.0

cpe:2.3:a:rizin:rizin:0.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-36043

Products

Pricing

Contact Us