Candidate: CVE-2022-1451
PublicDate: 2022-04-24 21:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1451
 https://huntr.dev/bounties/229a2e0d-9e5c-402f-9a24-57fa2eb1aaa7
 https://github.com/radareorg/radare2/commit/0927ed3ae99444e7b47b84e43118deb10fe37529
Description:
 Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub
 repository radareorg/radare2 prior to 5.7.0. The bug causes the program
 reads data past the end 2f the intented buffer. Typically, this can allow
 attackers to read sensitive information from other memory locations or
 cause a crash. More details see [CWE-125: Out-of-bounds
 read](https://cwe.mitre.org/data/definitions/125.html).
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:


Patches_radare2:
upstream_radare2: needs-triage
bionic_radare2: needs-triage
focal_radare2: needs-triage