Base Score

HIGH7.5

CVE-2022-28071

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.

VectorNETWORK

Published Bycve@mitre.org

Published DateAug 22, 2023, 19:16

Weakness Type (CWE):CWE-416

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

https://github.com/radareorg/radare2/commit/65448811e5b9582a19cf631e03cfcaa025a92ef5

Base Score

HIGH7.5

Weakness Type (CWE):CWE-416

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH