A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing
                
            References
                    | Link | Resource | 
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2329102 | Issue Tracking Third Party Advisory | 
Configurations
                    History
                    05 Aug 2025, 17:56
| Type | Values Removed | Values Added | 
|---|---|---|
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=2329102 - Issue Tracking, Third Party Advisory | |
| Summary | 
 | |
| First Time | Radare Radare radare2 | |
| CPE | cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:* | 
15 Dec 2024, 14:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2024-12-15 14:15
Updated : 2025-08-05 17:56
NVD link : CVE-2024-11858
Mitre link : CVE-2024-11858
CVE.ORG link : CVE-2024-11858
JSON object : View
Products Affected
                radare
- radare2
CWE
                
                    
                        
                        CWE-78
                        
            Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
