CVE-2023-0302
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-0302
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0302.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-0302
- Downstream
- Published
- 2023-01-15T01:15:15Z
- Modified
- 2025-11-06T16:11:15.630149Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.
- References
Affected packages
Git / github.com/radare/radare2
Affected ranges
- Type
- GIT
- Repo
- https://github.com/radare/radare2
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.10.4-termux4
0.10.5
0.10.6
0.8.6
0.8.8
0.9
0.9.2
0.9.4
0.9.6
0.9.7
0.9.8
0.9.8-rc1
0.9.8-rc2
0.9.8-rc3
0.9.8-rc4
0.9.9
1.*
1.0
1.0.0
1.0.1
1.0.2
1.1.0
1.2.0
1.2.0-git
1.3.0
1.3.0-git
1.4.0
1.5.0
1.6.0
2.*
2.0.0
2.0.1
2.1.0
2.2.0
2.4.0
2.5.0
2.6.0
2.6.9
2.7.0
2.8.0
2.9.0
3.*
3.0.0
3.0.1
3.1.0
3.1.1
3.1.2
3.1.3
3.2.0
3.2.1
3.3.0
3.4.0
3.4.1
3.5.0
3.5.1
3.6.0
3.7.0
3.7.1
3.8.0
3.9.0
4.*
4.0.0
4.1.0
4.1.1
4.2.0
4.2.1
4.3.0
4.3.1
4.4.0
4.5.1
5.*
5.0.0
5.1.0
5.1.1
5.2.0
5.2.1
5.3.0
5.3.1
5.4.0
5.4.0-git
5.4.2
5.5.0
5.5.2
5.5.4
5.6.0
5.6.2
5.6.4
5.6.6
5.6.8
5.7.0
5.7.2
5.7.4
5.7.6
5.7.8
5.8.0
Other
Continuous-Windows
continuous
radare2-windows-nightly
termux
wip
release-5.*
release-5.0.0
Git / github.com/radareorg/radare2
Affected ranges
- Type
- GIT
- Repo
- https://github.com/radareorg/radare2
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10.0
0.10.1
0.10.2
0.10.3
0.10.4
0.10.4-termux4
0.10.5
0.10.6
0.8.6
0.8.8
0.9
0.9.2
0.9.4
0.9.6
0.9.7
0.9.8
0.9.8-rc1
0.9.8-rc2
0.9.8-rc3
0.9.8-rc4
0.9.9
1.*
1.0
1.0.0
1.0.1
1.0.2
1.1.0
1.2.0
1.2.0-git
1.3.0
1.3.0-git
1.4.0
1.5.0
1.6.0
2.*
2.0.0
2.0.1
2.1.0
2.2.0
2.4.0
2.5.0
2.6.0
2.6.9
2.7.0
2.8.0
2.9.0
3.*
3.0.0
3.0.1
3.1.0
3.1.1
3.1.2
3.1.3
3.2.0
3.2.1
3.3.0
3.4.0
3.4.1
3.5.0
3.5.1
3.6.0
3.7.0
3.7.1
3.8.0
3.9.0
4.*
4.0.0
4.1.0
4.1.1
4.2.0
4.2.1
4.3.0
4.3.1
4.4.0
4.5.1
5.*
5.0.0
5.1.0
5.1.1
5.2.0
5.2.1
5.3.0
5.3.1
5.4.0
5.4.0-git
5.4.2
5.5.0
5.5.2
5.5.4
5.6.0
5.6.2
5.6.4
5.6.6
5.6.8
5.7.0
5.7.2
5.7.4
5.7.6
5.7.8
5.8.0
Other
Continuous-Windows
continuous
radare2-windows-nightly
termux
wip
release-5.*
release-5.0.0
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"117224129868987141333170576378654541560",
"112122303774302653710095895950904015770",
"286642167849125197598307169656895875765",
"200583705363355964579008790774261924936",
"294304892725343160821170532010439292114",
"261993452764130729325708448071857674839",
"13156274966126072532532171010858367022",
"328268772137457144501544351551628535497",
"243743188387659242471593513570020797753"
]
},
"target": {
"file": "libr/anal/meta.c"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-03b04628",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "30203624549054786480792987600490870197",
"length": 754.0
},
"target": {
"file": "libr/cons/hud.c",
"function": "r_cons_hud_line_string"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-04e1cfc6",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "146145591883183443965009701818277146664",
"length": 1095.0
},
"target": {
"file": "libr/bin/dwarf.c",
"function": "parse_die"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-067222b8",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "302755202417082991171612944438214908192",
"length": 750.0
},
"target": {
"file": "libr/bin/dwarf.c",
"function": "add_sdb_addrline"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-0bc78d32",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"122622503045383613903570892760343521777",
"257732548440924912293581949707791234333",
"101966282118117986287268874262997483169",
"204129607043478317680277678936083509213",
"24474979432721971835354351099278927430",
"280998341787447473396094476338325487980",
"301982305395585265082219178217795881985",
"274579387694488192891995552408409118501",
"154615544771639335449354473216095393064",
"298753437820248194514428126129467085463",
"87730674044318181386593149754851485315"
]
},
"target": {
"file": "libr/core/cmd_meta.c"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-0dfff85f",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "64210164927549967594870946106573720979",
"length": 211.0
},
"target": {
"file": "libr/util/str.c",
"function": "r_str_ansi_strip"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-0e55f6e8",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"199262854801331236991369056848607259773",
"2013491468459011443694536952392915313",
"162911182218424582934953231712495337165",
"123968536927416318373655137240947023773",
"174098908330033379192344788458807201652",
"214130895192932357171086398755358859413",
"23546718691828686256317798309301295424",
"17960685072955350460819135301032800136",
"90926411453624032439475415601598205628",
"336537485006234036059777022012287995774",
"107573213711181614070830071314393858514",
"214130895192932357171086398755358859413",
"23546718691828686256317798309301295424"
]
},
"target": {
"file": "libr/cons/hud.c"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-117cfd75",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "305445633262264289013467772027179443924",
"length": 6850.0
},
"target": {
"file": "libr/bin/dwarf.c",
"function": "parse_attr_value"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-11f8f42f",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"39596287434503157918987773476684790951",
"337024656133671148542607364964621956961",
"18066845746411773653976267346722268586",
"123850632202596602402302825142312499729",
"302111723453335213723333841580975712283",
"224332996226165048027858002087339591740",
"226139418536827224567921519692934913345",
"302729548349088189690535003066198841977",
"324617580973819830217375796817897362851",
"335759585384272116614284078746213843555",
"84868313018904073413581477317839998985"
]
},
"target": {
"file": "libr/util/str.c"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-3d523b55",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "30203624549054786480792987600490870197",
"length": 754.0
},
"target": {
"file": "libr/cons/hud.c",
"function": "r_cons_hud_string"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-5f4db9e7",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "219676749096955743241161300978175778684",
"length": 180.0
},
"target": {
"file": "libr/cons/hud.c",
"function": "r_cons_hud_file"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-7c97470c",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "304314371533194598169440894468376705212",
"length": 2840.0
},
"target": {
"file": "libr/bin/dwarf.c",
"function": "parse_line_header_source"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-a03c4d4c",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"290587564795209478483223670920389647632",
"281378488638060073319676206283797209288",
"118582431633400109208034044938826301726",
"16399646873478828045985437693609122347",
"5493985194842071247813256748611708998",
"158139138181326658909783597602558668466",
"319730612967882053326468259105176694527",
"317175776113175563175418342278810465841",
"29051053979853287082002013391135682132",
"194819844170317723846350340039840592258",
"338985387717567495235256290139026690335",
"165354070594697641244138656744095329231",
"293967846851317968840621910606184867195",
"73736020594763771510839524212072783057",
"25500840706540500518345515293505208592",
"318665930013014221472000645495696738119",
"60359855166981046130023726926058918992",
"303681810992011164832050222607586147998",
"126150366862898760370695040249298489566",
"140778788904994425327635725594087923359",
"74356062592354127919639573429734700942",
"162603463315328973412087963141962796323",
"263841602510264739708539274941858957161",
"304480636708465612212868724625621636804",
"231593614971678603927490685171962712744",
"179411999229008742048099286082078886167",
"38109449509990794219561656722736575201",
"311795031646866355796717059461791065195",
"74402981918240660857286780351139897738",
"197764195972304322826961544778598958364",
"335281369560441912964056910673928131880",
"129152426170094340084435896379741707856",
"164600648065864590433291235028834460343",
"275711368096407974099532441539749245524",
"29321443220496989494965509241395586678",
"165404215861404968862300768904775164174",
"195573329277048609700735582350643207949",
"133122834652994437534508724291219478964",
"55059652257766151665959955755426650951",
"228208061215401212535110007703871678379",
"203537934948599996886128067060647130064",
"131276532204146805432742071306563863987",
"253206259048156377626776335913488701243",
"302827727149878229853424086543822819082",
"279370990426858469245041183935094693538"
]
},
"target": {
"file": "libr/bin/dwarf.c"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-a146017d",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "294838342975200499568885156633370507999",
"length": 781.0
},
"target": {
"file": "libr/anal/meta.c",
"function": "meta_set"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-b00030c8",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "10169630936240899862434598167295518707",
"length": 5587.0
},
"target": {
"file": "libr/core/cmd_meta.c",
"function": "cmd_meta_comment"
},
"source": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce",
"id": "CVE-2023-0302-c97ef688",
"deprecated": false,
"signature_version": "v1"
}
]