VYPR
Medium severity5.5OSV Advisory· Published Jul 12, 2018· Updated Jun 17, 2026

CVE-2018-14017

CVE-2018-14017

Description

The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in r_bin_java_line_number_table_attr_new.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Radare/Radare2OSV2 versions
    0.10.0, 0.10.1, 0.10.2, …+ 1 more
    • (no CPE)range: 0.10.0, 0.10.1, 0.10.2, …
    • (no CPE)range: <=2.7.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.