A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2329102 |
History
Mon, 16 Dec 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Dec 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Radare2: command injection via pebble application files in radare2 |
Sun, 15 Dec 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​ | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: fedora
Published: 2024-12-15T13:57:32.889Z
Updated: 2024-12-16T16:39:35.500Z
Reserved: 2024-11-27T09:48:03.636Z
Link: CVE-2024-11858
Vulnrichment
Updated: 2024-12-16T16:38:56.080Z
NVD
Status : Received
Published: 2024-12-15T14:15:22.320
Modified: 2024-12-15T14:15:22.320
Link: CVE-2024-11858
Redhat
No data.