{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","type":"apk","namespace":"alpine","name":"radare2","version":"5.7.0-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.18","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.7.2-r0","latest_non_vulnerable_version":"5.8.2-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218988?format=json","vulnerability_id":"VCID-24k2-a6p8-qbff","summary":"Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1452","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37788","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37965","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3799","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37978","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1452"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1452"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24k2-a6p8-qbff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218987?format=json","vulnerability_id":"VCID-56rk-6fjw-ybev","summary":"Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1451","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37788","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37965","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.3799","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37978","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1451"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1451"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56rk-6fjw-ybev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218990?format=json","vulnerability_id":"VCID-5zrx-15yk-aqdh","summary":"Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1714","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31106","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31301","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31315","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31297","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1714"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1714"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zrx-15yk-aqdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218986?format=json","vulnerability_id":"VCID-75tz-s776-nkcz","summary":"heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1444","reference_id":"","reference_type":"","scores":[{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41217","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41383","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41401","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41391","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1444"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1444"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75tz-s776-nkcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218989?format=json","vulnerability_id":"VCID-b5bx-qetz-z3bb","summary":"Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1649","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37555","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37733","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37757","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37745","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1649"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1649"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5bx-qetz-z3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218985?format=json","vulnerability_id":"VCID-p9db-w154-7baz","summary":"Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1437","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41792","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41957","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41976","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41966","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1437"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1437"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9db-w154-7baz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218991?format=json","vulnerability_id":"VCID-smpv-fcxc-1fc6","summary":"Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1809","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42182","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42347","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42369","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42359","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1809"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1809"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smpv-fcxc-1fc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218992?format=json","vulnerability_id":"VCID-ytnm-a29r-a7c4","summary":"Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1899","reference_id":"","reference_type":"","scores":[{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62655","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62757","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62769","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00425","scoring_system":"epss","scoring_elements":"0.62764","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478","reference_id":"1014478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115608?format=json","purl":"pkg:apk/alpine/radare2@5.7.0-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2022-1899"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytnm-a29r-a7c4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/radare2@5.7.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"}