Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in radareorg/radare2
CVE-2023-0302
7.8HIGH
What is CVE-2023-0302?
In the radare2 software, an inadequate sanitization of special elements significantly impacts its integrity, allowing for potential injection attacks. Versions prior to 5.8.2 are affected. This issue could expose systems to malicious data inputs, compromising application security and functionality. Users and developers are urged to upgrade to the latest version to mitigate risks associated with this vulnerability.
Affected Version(s)
radareorg/radare2 < 5.8.2
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
CVSS V3.0
Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved