VulnerableCode Package Details - pkg:deb/debian/radare2@4.2.1%2Bdfsg-1?distro=sid

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6s39-wdz1-yuhz	radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input.	CVE-2019-19647
VCID-797x-2rdg-efbq	In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input.	CVE-2019-19590

Vulnerability

Summary

Aliases

VCID-6s39-wdz1-yuhz

radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input.

CVE-2019-19647

VCID-797x-2rdg-efbq

In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input.

CVE-2019-19590

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:14:42.353517+00:00	Debian Importer	Fixing	VCID-797x-2rdg-efbq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:09:05.937347+00:00	Debian Importer	Fixing	VCID-6s39-wdz1-yuhz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:07:12.623952+00:00	Debian Importer	Fixing	VCID-797x-2rdg-efbq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:07:37.860741+00:00	Debian Importer	Fixing	VCID-6s39-wdz1-yuhz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:51:41.041110+00:00	Debian Importer	Fixing	VCID-6s39-wdz1-yuhz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:51:41.016348+00:00	Debian Importer	Fixing	VCID-797x-2rdg-efbq	https://security-tracker.debian.org/tracker/data/json	38.1.0