From dcb4583746623db5c6abf83f1dbac6ab16fc923b Mon Sep 17 00:00:00 2001 From: Malayke Date: Thu, 19 Dec 2024 12:03:46 +0800 Subject: [PATCH] Improve GHSA-6gq9-2wfh-4rj3 --- .../GHSA-6gq9-2wfh-4rj3.json | 32 +++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/advisories/unreviewed/2024/12/GHSA-6gq9-2wfh-4rj3/GHSA-6gq9-2wfh-4rj3.json b/advisories/unreviewed/2024/12/GHSA-6gq9-2wfh-4rj3/GHSA-6gq9-2wfh-4rj3.json index 0ae2faf2b5c62..96d6e8e13d6fa 100644 --- a/advisories/unreviewed/2024/12/GHSA-6gq9-2wfh-4rj3/GHSA-6gq9-2wfh-4rj3.json +++ b/advisories/unreviewed/2024/12/GHSA-6gq9-2wfh-4rj3/GHSA-6gq9-2wfh-4rj3.json @@ -1,11 +1,12 @@ { "schema_version": "1.4.0", "id": "GHSA-6gq9-2wfh-4rj3", - "modified": "2024-12-18T18:30:51Z", + "modified": "2024-12-18T18:30:52Z", "published": "2024-12-18T00:31:23Z", "aliases": [ "CVE-2024-29646" ], + "summary": "Radare2 Buffer Overflow", "details": "Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.", "severity": [ { @@ -13,7 +14,30 @@ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], - "affected": [], + "affected": [ + { + "package": { + "ecosystem": "Go", + "name": "https://github.com/radareorg/radare2" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "5.9.0" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 5.8.8" + } + } + ], "references": [ { "type": "ADVISORY", @@ -42,6 +66,10 @@ { "type": "WEB", "url": "https://gist.github.com/Crispy-fried-chicken/0be4a204e7226fa2cea761c09f027690" + }, + { + "type": "PACKAGE", + "url": "https://github.com/radareorg/radare2" } ], "database_specific": {