{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","type":"deb","namespace":"debian","name":"radare2","version":"5.5.0+dfsg-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.9.0+dfsg-1","latest_non_vulnerable_version":"6.0.7+ds-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/271993?format=json","vulnerability_id":"VCID-2hsg-v6h9-e7er","summary":"A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28071","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26349","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26834","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26873","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2666","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26728","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26778","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26782","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26738","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26681","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2669","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26621","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26564","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26557","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26484","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28071"},{"reference_url":"https://github.com/radareorg/radare2/commit/65448811e5b9582a19cf631e03cfcaa025a92ef5","reference_id":"65448811e5b9582a19cf631e03cfcaa025a92ef5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:37:37Z/"}],"url":"https://github.com/radareorg/radare2/commit/65448811e5b9582a19cf631e03cfcaa025a92ef5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-28071"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2hsg-v6h9-e7er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/271994?format=json","vulnerability_id":"VCID-5kmb-6m89-6uc6","summary":"A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28072","reference_id":"","reference_type":"","scores":[{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68726","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68746","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68776","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68795","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68817","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68803","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68774","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68815","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68826","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68804","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68852","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68858","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.68865","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28072"},{"reference_url":"https://github.com/radareorg/radare2/commit/027cd9b7274988bb1af866539ba6c2fa2ff63e45","reference_id":"027cd9b7274988bb1af866539ba6c2fa2ff63e45","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:38:19Z/"}],"url":"https://github.com/radareorg/radare2/commit/027cd9b7274988bb1af866539ba6c2fa2ff63e45"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-28072"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5kmb-6m89-6uc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/271992?format=json","vulnerability_id":"VCID-7jxc-2agn-8kd2","summary":"A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28070","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26616","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26763","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27093","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26921","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2699","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27035","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27038","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26994","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26937","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26947","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26886","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26836","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26829","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28070"},{"reference_url":"https://github.com/radareorg/radare2/commit/4aff1bb00224de4f5bc118f987dfd5d2fe3450d0","reference_id":"4aff1bb00224de4f5bc118f987dfd5d2fe3450d0","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T17:31:03Z/"}],"url":"https://github.com/radareorg/radare2/commit/4aff1bb00224de4f5bc118f987dfd5d2fe3450d0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-28070"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7jxc-2agn-8kd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/250619?format=json","vulnerability_id":"VCID-avnf-p1zx-47ce","summary":"Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32494","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44332","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44419","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44464","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44394","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44292","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44296","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44441","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44375","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44426","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44433","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44418","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44417","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44474","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.45928","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32494"},{"reference_url":"https://github.com/radareorg/radare2/issues/18667","reference_id":"18667","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-11-12T19:47:10Z/"}],"url":"https://github.com/radareorg/radare2/issues/18667"},{"reference_url":"https://github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62","reference_id":"a07dedb804a82bc01c07072861942dd80c6b6d62","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-11-12T19:47:10Z/"}],"url":"https://github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-32494"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avnf-p1zx-47ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/271990?format=json","vulnerability_id":"VCID-ccqg-j1n1-dqb8","summary":"A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28068","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32788","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33276","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33142","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33218","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3322","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33181","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33197","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33175","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32991","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32975","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32899","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28068"},{"reference_url":"https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992","reference_id":"637f4bd1af6752e28e0a9998e954e2e9ce6fa992","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T17:56:12Z/"}],"url":"https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-28068"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ccqg-j1n1-dqb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/271995?format=json","vulnerability_id":"VCID-dzzp-5yb2-h7fq","summary":"A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28073","reference_id":"","reference_type":"","scores":[{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58435","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58463","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58482","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58453","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58505","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58511","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58528","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58509","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58489","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58521","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58526","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58471","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58483","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.5847","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28073"},{"reference_url":"https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053","reference_id":"59a9dfb60acf8b5c0312061cffd9693fc9526053","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:37:02Z/"}],"url":"https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-28073"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzzp-5yb2-h7fq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/257356?format=json","vulnerability_id":"VCID-pme4-1y6v-4ybu","summary":"A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3673","reference_id":"","reference_type":"","scores":[{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70733","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70594","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70607","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70623","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70646","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70662","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70685","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.7067","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70657","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70702","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.7071","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70689","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70742","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00644","scoring_system":"epss","scoring_elements":"0.70753","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3673"},{"reference_url":"https://security.archlinux.org/AVG-2245","reference_id":"AVG-2245","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2245"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-3673"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pme4-1y6v-4ybu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/250749?format=json","vulnerability_id":"VCID-wxqc-aaxn-3ud4","summary":"In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32613","reference_id":"","reference_type":"","scores":[{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56332","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.5632","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56422","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56444","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56482","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56493","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56468","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56449","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56481","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56483","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56453","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56381","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56401","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56379","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32613"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989067","reference_id":"989067","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989067"},{"reference_url":"https://security.archlinux.org/ASA-202106-40","reference_id":"ASA-202106-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-40"},{"reference_url":"https://security.archlinux.org/AVG-1950","reference_id":"AVG-1950","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1950"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-32613"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxqc-aaxn-3ud4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/271991?format=json","vulnerability_id":"VCID-xuw5-8svs-p3a7","summary":"A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28069","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32788","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32899","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33276","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33142","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33218","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3322","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33181","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33197","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33175","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32991","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32975","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28069"},{"reference_url":"https://github.com/radareorg/radare2/commit/49b0cebfdf0db9704e36f8a5533f1df6d3e2ed3a","reference_id":"49b0cebfdf0db9704e36f8a5533f1df6d3e2ed3a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T17:21:58Z/"}],"url":"https://github.com/radareorg/radare2/commit/49b0cebfdf0db9704e36f8a5533f1df6d3e2ed3a"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2022-28069"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xuw5-8svs-p3a7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/250621?format=json","vulnerability_id":"VCID-yuwd-fh9w-5bc3","summary":"Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32495","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52835","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52862","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52964","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52947","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52914","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52885","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52888","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52856","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52907","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52901","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52951","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52936","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52919","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52956","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.5459","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32495"},{"reference_url":"https://github.com/radareorg/radare2/issues/18666","reference_id":"18666","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:46:13Z/"}],"url":"https://github.com/radareorg/radare2/issues/18666"},{"reference_url":"https://github.com/radareorg/radare2/commit/5e16e2d1c9fe245e4c17005d779fde91ec0b9c05","reference_id":"5e16e2d1c9fe245e4c17005d779fde91ec0b9c05","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-12T19:46:13Z/"}],"url":"https://github.com/radareorg/radare2/commit/5e16e2d1c9fe245e4c17005d779fde91ec0b9c05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/937433?format=json","purl":"pkg:deb/debian/radare2@5.5.0%2Bdfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/937413?format=json","purl":"pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid"}],"aliases":["CVE-2021-32495"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yuwd-fh9w-5bc3"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.5.0%252Bdfsg-1%3Fdistro=sid"}