{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","type":"alpm","namespace":"archlinux","name":"radare2","version":"2.6.0-1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.4.0-1","latest_non_vulnerable_version":"5.6-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176321?format=json","vulnerability_id":"VCID-2gc7-kn57-b3ak","summary":"The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11378","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.41905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42128","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42045","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42181","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42239","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42268","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4221","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42261","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42291","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42254","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42277","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42252","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42184","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42132","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11378"},{"reference_url":"https://github.com/radare/radare2/commit/bd276ef2fd8ac3401e65be7c126a43175ccfbcd7","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/bd276ef2fd8ac3401e65be7c126a43175ccfbcd7"},{"reference_url":"https://github.com/radare/radare2/issues/9969","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9969"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11378","reference_id":"CVE-2018-11378","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11378"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2gc7-kn57-b3ak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176325?format=json","vulnerability_id":"VCID-54v3-r36b-pqbt","summary":"The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11382","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45874","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46034","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45975","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45986","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46059","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46006","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46062","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46084","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46055","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46063","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46118","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46114","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.4606","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46025","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11382"},{"reference_url":"https://github.com/radare/radare2/commit/d04c78773f6959bcb427453f8e5b9824d5ba9eff","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/d04c78773f6959bcb427453f8e5b9824d5ba9eff"},{"reference_url":"https://github.com/radare/radare2/issues/10091","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/10091"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11382","reference_id":"CVE-2018-11382","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11382"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11382"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-54v3-r36b-pqbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176324?format=json","vulnerability_id":"VCID-627w-z5ne-kye4","summary":"The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11381","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48027","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11381"},{"reference_url":"https://github.com/radare/radare2/commit/3fcf41ed96ffa25b38029449520c8d0a198745f3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/3fcf41ed96ffa25b38029449520c8d0a198745f3"},{"reference_url":"https://github.com/radare/radare2/issues/9902","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9902"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11381","reference_id":"CVE-2018-11381","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11381"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11381"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-627w-z5ne-kye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176318?format=json","vulnerability_id":"VCID-a4us-jxhs-nfgh","summary":"The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11375","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45874","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46034","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45975","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45986","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46059","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46006","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46062","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46084","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46055","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46063","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46118","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46114","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.4606","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46025","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11375"},{"reference_url":"https://github.com/radare/radare2/commit/041e53cab7ca33481ae45ecd65ad596976d78e68","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/041e53cab7ca33481ae45ecd65ad596976d78e68"},{"reference_url":"https://github.com/radare/radare2/issues/9928","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9928"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11375","reference_id":"CVE-2018-11375","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11375"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11375"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a4us-jxhs-nfgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176322?format=json","vulnerability_id":"VCID-ausu-fn3w-kueu","summary":"The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11379","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48027","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11379"},{"reference_url":"https://github.com/radare/radare2/commit/4e1cf0d3e6f6fe2552a269def0af1cd2403e266c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/4e1cf0d3e6f6fe2552a269def0af1cd2403e266c"},{"reference_url":"https://github.com/radare/radare2/issues/9926","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9926"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11379","reference_id":"CVE-2018-11379","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11379"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11379"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ausu-fn3w-kueu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176326?format=json","vulnerability_id":"VCID-fuw5-x3dd-6yg8","summary":"The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11383","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48027","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11383"},{"reference_url":"https://github.com/radare/radare2/commit/9d348bcc2c4bbd3805e7eec97b594be9febbdf9a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/9d348bcc2c4bbd3805e7eec97b594be9febbdf9a"},{"reference_url":"https://github.com/radare/radare2/issues/9943","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9943"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11383","reference_id":"CVE-2018-11383","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11383"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11383"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fuw5-x3dd-6yg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176323?format=json","vulnerability_id":"VCID-myn1-h1xa-5ba7","summary":"The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11380","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48027","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11380"},{"reference_url":"https://github.com/radare/radare2/commit/60208765887f5f008b3b9a883f3addc8bdb9c134","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/60208765887f5f008b3b9a883f3addc8bdb9c134"},{"reference_url":"https://github.com/radare/radare2/issues/9970","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9970"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11380","reference_id":"CVE-2018-11380","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11380"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11380"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myn1-h1xa-5ba7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176319?format=json","vulnerability_id":"VCID-qvdt-rhku-v7cb","summary":"The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11376","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48027","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11376"},{"reference_url":"https://github.com/radare/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/1f37c04f2a762500222dda2459e6a04646feeedf"},{"reference_url":"https://github.com/radare/radare2/issues/9904","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9904"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11376","reference_id":"CVE-2018-11376","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11376"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11376"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qvdt-rhku-v7cb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176320?format=json","vulnerability_id":"VCID-sf7m-amp2-ebde","summary":"The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11377","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48865","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48993","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48948","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48927","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48963","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4899","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48944","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48998","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48994","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49011","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48984","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49036","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49032","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11377"},{"reference_url":"https://github.com/radare/radare2/commit/25a3703ef2e015bbe1d1f16f6b2f63bb10dd34f4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/25a3703ef2e015bbe1d1f16f6b2f63bb10dd34f4"},{"reference_url":"https://github.com/radare/radare2/commit/b35530fa0681b27eba084de5527037ebfb397422","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/b35530fa0681b27eba084de5527037ebfb397422"},{"reference_url":"https://github.com/radare/radare2/issues/9901","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9901"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11377","reference_id":"CVE-2018-11377","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11377"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11377"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sf7m-amp2-ebde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176327?format=json","vulnerability_id":"VCID-vemn-pw8w-y3dq","summary":"The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11384","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47987","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48031","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48027","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11384"},{"reference_url":"https://github.com/radare/radare2/commit/77c47cf873dd55b396da60baa2ca83bbd39e4add","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/commit/77c47cf873dd55b396da60baa2ca83bbd39e4add"},{"reference_url":"https://github.com/radare/radare2/issues/9903","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/radare/radare2/issues/9903"},{"reference_url":"https://security.archlinux.org/ASA-201806-2","reference_id":"ASA-201806-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-2"},{"reference_url":"https://security.archlinux.org/AVG-709","reference_id":"AVG-709","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:radare:radare2:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11384","reference_id":"CVE-2018-11384","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11384"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372733?format=json","purl":"pkg:alpm/archlinux/radare2@2.6.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}],"aliases":["CVE-2018-11384"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vemn-pw8w-y3dq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/radare2@2.6.0-1"}