Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-11858

Опубликовано: 15 дек. 2024
Источник: debian
EPSS Низкий

Описание

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​

Пакеты

ПакетСтатусВерсия исправленияРелизТип
radare2fixed5.9.8+dfsg-1package

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2329102

  • https://github.com/radareorg/radare2/issues/23657

  • Fixed by: https://github.com/radareorg/radare2/commit/28b0badd696db90f5334f5c0d577a5e546ab9dbd (5.9.8)

EPSS

Процентиль: 11%
0.00039
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-11858

CVSS3: 8.6
ubuntu
около 1 года назад

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​

nvd логотип

CVE-2024-11858

CVSS3: 8.6
nvd
около 1 года назад

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​

github логотип

GHSA-r3c4-qgcj-4qp2

CVSS3: 8.6
github
около 1 года назад

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​

EPSS

Процентиль: 11%
0.00039
Низкий