Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/372733?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "type": "alpm", "namespace": "archlinux", "name": "radare2", "version": "2.6.0-1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "5.4.0-1", "latest_non_vulnerable_version": "5.6-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176321?format=api", "vulnerability_id": "VCID-2gc7-kn57-b3ak", "summary": "The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.41905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42128", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42045", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42181", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42239", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42268", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.4221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42261", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42291", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42254", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42252", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42184", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42132", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11378" }, { "reference_url": "https://github.com/radare/radare2/commit/bd276ef2fd8ac3401e65be7c126a43175ccfbcd7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/bd276ef2fd8ac3401e65be7c126a43175ccfbcd7" }, { "reference_url": "https://github.com/radare/radare2/issues/9969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9969" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11378", "reference_id": "CVE-2018-11378", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11378" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11378" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gc7-kn57-b3ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176325?format=api", "vulnerability_id": "VCID-54v3-r36b-pqbt", "summary": "The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45874", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46034", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45975", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45986", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46037", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46006", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46062", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46084", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46055", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46063", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46118", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46114", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.4606", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46025", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11382" }, { "reference_url": "https://github.com/radare/radare2/commit/d04c78773f6959bcb427453f8e5b9824d5ba9eff", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/d04c78773f6959bcb427453f8e5b9824d5ba9eff" }, { "reference_url": "https://github.com/radare/radare2/issues/10091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/10091" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11382", "reference_id": "CVE-2018-11382", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11382" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11382" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54v3-r36b-pqbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176324?format=api", "vulnerability_id": "VCID-627w-z5ne-kye4", "summary": "The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47987", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48027", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11381" }, { "reference_url": "https://github.com/radare/radare2/commit/3fcf41ed96ffa25b38029449520c8d0a198745f3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/3fcf41ed96ffa25b38029449520c8d0a198745f3" }, { "reference_url": "https://github.com/radare/radare2/issues/9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9902" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11381", "reference_id": "CVE-2018-11381", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11381" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11381" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-627w-z5ne-kye4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176318?format=api", "vulnerability_id": "VCID-a4us-jxhs-nfgh", "summary": "The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45874", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46034", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45975", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45986", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46037", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46006", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46062", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46084", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46055", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46063", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46118", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46114", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.4606", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46025", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11375" }, { "reference_url": "https://github.com/radare/radare2/commit/041e53cab7ca33481ae45ecd65ad596976d78e68", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/041e53cab7ca33481ae45ecd65ad596976d78e68" }, { "reference_url": "https://github.com/radare/radare2/issues/9928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9928" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11375", "reference_id": "CVE-2018-11375", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11375" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11375" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a4us-jxhs-nfgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176322?format=api", "vulnerability_id": "VCID-ausu-fn3w-kueu", "summary": "The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11379", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47987", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48027", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11379" }, { "reference_url": "https://github.com/radare/radare2/commit/4e1cf0d3e6f6fe2552a269def0af1cd2403e266c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/4e1cf0d3e6f6fe2552a269def0af1cd2403e266c" }, { "reference_url": "https://github.com/radare/radare2/issues/9926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9926" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11379", "reference_id": "CVE-2018-11379", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11379" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11379" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ausu-fn3w-kueu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176326?format=api", "vulnerability_id": "VCID-fuw5-x3dd-6yg8", "summary": "The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47987", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48027", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11383" }, { "reference_url": "https://github.com/radare/radare2/commit/9d348bcc2c4bbd3805e7eec97b594be9febbdf9a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/9d348bcc2c4bbd3805e7eec97b594be9febbdf9a" }, { "reference_url": "https://github.com/radare/radare2/issues/9943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9943" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11383", "reference_id": "CVE-2018-11383", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11383" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11383" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fuw5-x3dd-6yg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176323?format=api", "vulnerability_id": "VCID-myn1-h1xa-5ba7", "summary": "The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11380", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47987", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48027", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11380" }, { "reference_url": "https://github.com/radare/radare2/commit/60208765887f5f008b3b9a883f3addc8bdb9c134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/60208765887f5f008b3b9a883f3addc8bdb9c134" }, { "reference_url": "https://github.com/radare/radare2/issues/9970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9970" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11380", "reference_id": "CVE-2018-11380", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11380" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11380" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myn1-h1xa-5ba7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176319?format=api", "vulnerability_id": "VCID-qvdt-rhku-v7cb", "summary": "The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47987", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48027", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11376" }, { "reference_url": "https://github.com/radare/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf" }, { "reference_url": "https://github.com/radare/radare2/issues/9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9904" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11376", "reference_id": "CVE-2018-11376", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11376" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11376" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qvdt-rhku-v7cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176320?format=api", "vulnerability_id": "VCID-sf7m-amp2-ebde", "summary": "The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48865", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48993", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48948", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48963", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.4899", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48944", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48998", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48994", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49011", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48984", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49036", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49032", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11377" }, { "reference_url": "https://github.com/radare/radare2/commit/25a3703ef2e015bbe1d1f16f6b2f63bb10dd34f4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/25a3703ef2e015bbe1d1f16f6b2f63bb10dd34f4" }, { "reference_url": "https://github.com/radare/radare2/commit/b35530fa0681b27eba084de5527037ebfb397422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/b35530fa0681b27eba084de5527037ebfb397422" }, { "reference_url": "https://github.com/radare/radare2/issues/9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9901" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11377", "reference_id": "CVE-2018-11377", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11377" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11377" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sf7m-amp2-ebde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176327?format=api", "vulnerability_id": "VCID-vemn-pw8w-y3dq", "summary": "The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47987", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48027", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11384" }, { "reference_url": "https://github.com/radare/radare2/commit/77c47cf873dd55b396da60baa2ca83bbd39e4add", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/commit/77c47cf873dd55b396da60baa2ca83bbd39e4add" }, { "reference_url": "https://github.com/radare/radare2/issues/9903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/radare/radare2/issues/9903" }, { "reference_url": "https://security.archlinux.org/ASA-201806-2", "reference_id": "ASA-201806-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-2" }, { "reference_url": "https://security.archlinux.org/AVG-709", "reference_id": "AVG-709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11384", "reference_id": "CVE-2018-11384", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11384" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372733?format=api", "purl": "pkg:alpm/archlinux/radare2@2.6.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" } ], "aliases": [ "CVE-2018-11384" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vemn-pw8w-y3dq" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1" }