Radare: >> Radare2 >> 1.5.0 Security Vulnerabilities
The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array.
CVSS Score
7.5
EPSS Score
0.014
Published
2017-06-19
The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-06-08
Page 9