VYPR
Unrated severityOSV Advisory· Published Dec 15, 2024· Updated Dec 16, 2024

Radare2: command injection via pebble application files in radare2

CVE-2024-11858

Description

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Radare/Radare2OSV2 versions
    0.10.0, 0.10.1, 0.10.2, …+ 1 more
    • (no CPE)range: 0.10.0, 0.10.1, 0.10.2, …
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.