Add CVE-2022-0559/radare2

author: Salvatore Bonaccorso <carnil@debian.org> 2022-02-16 21:23:37 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-02-16 21:23:37 +0100
commit: 14b9dfe9fd4ecc0a634a1bcc69f3bb7487d4ca1b (patch)
tree: 1966a9701fe39aa933c0a3606244d74854efc464
parent: 55db975202369b99fb20b43b766132fc126e36a5 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index c77f93dc3a..2cb8c3aefd 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1386,7 +1386,9 @@ CVE-2022-0561 (Null source pointer passed as an argument to memcpy() function wi
 CVE-2022-0560 (Open Redirect in Packagist microweber/microweber prior to 1.2.11. ...)
 	NOT-FOR-US: microweber
 CVE-2022-0559 (Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. ...)
-	TODO: check
+	- radare2 <unfixed>
+	NOTE: https://huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e
+	NOTE: https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e
 CVE-2022-0558 (Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber ...)
 	NOT-FOR-US: microweber
 CVE-2022-0557 (OS Command Injection in Packagist microweber/microweber prior to 1.2.1 ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-02-16 21:23:37 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-02-16 21:23:37 +0100
commit	14b9dfe9fd4ecc0a634a1bcc69f3bb7487d4ca1b (patch)
tree	1966a9701fe39aa933c0a3606244d74854efc464
parent	55db975202369b99fb20b43b766132fc126e36a5 (diff)