CVE-2022-36040

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 06/09/2022 Updated: 07/11/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYC(python) files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an malicious user to execute code on the user's machine. Commit number 68948017423a12786704e54227b8b2f918c2fd27 contains a patch.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rizin rizin

CWE-787 https://github.com/rizinorg/rizin/security/advisories/GHSA-h897-rhm9-rpmw https://github.com/rizinorg/rizin/issues/2963 https://github.com/rizinorg/rizin/commit/68948017423a12786704e54227b8b2f918c2fd27 https://security.gentoo.org/glsa/202209-06 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQZLMHEI5D7EJASA5UW6XN4ODHLRHK6N/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-36040

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect