Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-awv9-a65t-gfax

Summary A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The patch is named 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.

Aliases

alias	CVE-2025-5643

Fixed_packages

url	pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl	pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid

url	pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl	pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5643

reference_id

reference_type

scores

value	0.0016
scoring_system	epss
scoring_elements	0.36912
published_at	2026-04-09T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36983
published_at	2026-04-02T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.37018
published_at	2026-04-04T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36846
published_at	2026-04-07T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36897
published_at	2026-04-08T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36613
published_at	2026-04-24T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36832
published_at	2026-04-21T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.3689
published_at	2026-04-18T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36906
published_at	2026-04-16T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36861
published_at	2026-04-13T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36886
published_at	2026-04-12T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36921
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5643

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id	1107316
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316

reference_url

https://github.com/radareorg/radare2/issues/24232

reference_id

24232

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:N/I:N/A:P

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/

url

https://github.com/radareorg/radare2/issues/24232

reference_url

https://github.com/radareorg/radare2/issues/24232#issuecomment-2918841776

reference_id

24232#issuecomment-2918841776

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:N/I:N/A:P

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/

url

https://github.com/radareorg/radare2/issues/24232#issuecomment-2918841776

reference_url

https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798

reference_id

5705d99cc1f23f36f9a84aab26d1724010b97798

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:N/I:N/A:P

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/

url

https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798

reference_url

https://vuldb.com/?ctiid.311131

reference_id

?ctiid.311131

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:N/I:N/A:P

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/

url

https://vuldb.com/?ctiid.311131

reference_url

https://vuldb.com/?id.311131

reference_id

?id.311131

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:N/I:N/A:P

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/

url

https://vuldb.com/?id.311131

reference_url

https://vuldb.com/?submit.586912

reference_id

?submit.586912

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:N/I:N/A:P

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/

url

https://vuldb.com/?submit.586912

reference_url

https://drive.google.com/file/d/1XsoyD7lMC-9a9Cxhld8sdEE-0PF3lxvB/view?usp=sharing

reference_id

view?usp=sharing

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:N/I:N/A:P

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/

url

https://drive.google.com/file/d/1XsoyD7lMC-9a9Cxhld8sdEE-0PF3lxvB/view?usp=sharing

Weaknesses

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

Severity_range_score 1.0 - 2.5

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-awv9-a65t-gfax

Vulnerability Instance