https://nvd.nist.gov/vuln/detail/CVE-2018-20455: In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456. https://nvd.nist.gov/vuln/detail/CVE-2018-20456: In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455. References: https://github.com/radare/radare2/issues/12373 https://github.com/radare/radare2/issues/12372
tree is clean